PC Review


Reply
Thread Tools Rate Thread

Brand new Dell - already infected?

 
 
=?Utf-8?B?YnJ5YW4=?=
Guest
Posts: n/a
 
      16th Aug 2005
I just purchased a new Dell Dimension 9100 (new line for Dell). I loaded
Mcafee VirusScan, Firewall and Privacy Service and then downloaded updates
for all of the preceeding Mcafee programs (there were many). I also
downloaded all
critical Windows Security downloads. Everything is working fine except when I
work with wordpad/notepad/word or other Microsoft programs. At random, when
I open these files, I recieve IE shutdown errors. I created a new wordpad and
notepad file, saved both and re-opened them: everything seemed fine. Then I
ran Windows Explorer and when I tried to open the wordpad file with explorer,
I received IE shutdown errors. The error report included:
C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\drwtsn32.exe.mdmp
C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\appcompat.txt. The HBT directory
is one that was created when I first turned on my Dell and went through the
initial installation wizard. The errors do not seem to take place along any
specific pattern which makes this wreak of malware. Any advice would be
greatly appreciated. I ran McAfee virusscan and no problems were found. I
also installed and ran Spybot S&D and Adaware, but no problems were found.
Any advice would be GREATLY APPRECIATED! Bryan

 
Reply With Quote
 
 
 
 
David H. Lipman
Guest
Posts: n/a
 
      16th Aug 2005
From: "bryan" <(E-Mail Removed)>

| I just purchased a new Dell Dimension 9100 (new line for Dell). I loaded
| Mcafee VirusScan, Firewall and Privacy Service and then downloaded updates
| for all of the preceeding Mcafee programs (there were many). I also
| downloaded all
| critical Windows Security downloads. Everything is working fine except when I
| work with wordpad/notepad/word or other Microsoft programs. At random, when
| I open these files, I recieve IE shutdown errors. I created a new wordpad and
| notepad file, saved both and re-opened them: everything seemed fine. Then I
| ran Windows Explorer and when I tried to open the wordpad file with explorer,
| I received IE shutdown errors. The error report included:
| C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\drwtsn32.exe.mdmp
| C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\appcompat.txt. The HBT directory
| is one that was created when I first turned on my Dell and went through the
| initial installation wizard. The errors do not seem to take place along any
| specific pattern which makes this wreak of malware. Any advice would be
| greatly appreciated. I ran McAfee virusscan and no problems were found. I
| also installed and ran Spybot S&D and Adaware, but no problems were found.
| Any advice would be GREATLY APPRECIATED! Bryan


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

It is a self-extracting ZIP file that contains the Kixtart Script Interpreter {
http://kixtart.org Kixtart is CareWare } three batch files, five Kixtart scripts, one Link
(.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and WGET.EXE. It will
simplify the process of using; Sophos, Trend and McAfee Anti Virus Command Line Scanners to
remove
viruses, Trojans and various other malware.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode. This
way all the components can be downloaded from each AV vendorís web site.
The choices are; Sophos, Trend, McAfee, Exit the menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
 
 
 
Alan
Guest
Posts: n/a
 
      17th Aug 2005
bryan wrote:
> I just purchased a new Dell Dimension 9100 (new line for Dell). I loaded
> Mcafee VirusScan, Firewall and Privacy Service and then downloaded updates
> for all of the preceeding Mcafee programs (there were many). I also
> downloaded all
> critical Windows Security downloads. Everything is working fine except when I
> work with wordpad/notepad/word or other Microsoft programs. At random, when
> I open these files, I recieve IE shutdown errors. I created a new wordpad and
> notepad file, saved both and re-opened them: everything seemed fine. Then I
> ran Windows Explorer and when I tried to open the wordpad file with explorer,
> I received IE shutdown errors. The error report included:
> C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\drwtsn32.exe.mdmp
> C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\appcompat.txt. The HBT directory
> is one that was created when I first turned on my Dell and went through the
> initial installation wizard. The errors do not seem to take place along any
> specific pattern which makes this wreak of malware. Any advice would be
> greatly appreciated. I ran McAfee virusscan and no problems were found. I
> also installed and ran Spybot S&D and Adaware, but no problems were found.
> Any advice would be GREATLY APPRECIATED! Bryan
>

For a brand new Dell you should be calling Dell Tech Support. You
paid for their service in the price of the PC.
 
Reply With Quote
 
=?Utf-8?B?YnJ5YW4=?=
Guest
Posts: n/a
 
      17th Aug 2005
Dell tech support does not want to help me despite my support agreement. They
told me that this is a problem with Microsoft programs which is not covered
(which I do not believe). In a prior call, they gave me bad information.
Maybe I spoke to a new person, but for now I guess I will try the above
suggestions. Bryan

"Alan" wrote:

> bryan wrote:
> > I just purchased a new Dell Dimension 9100 (new line for Dell). I loaded
> > Mcafee VirusScan, Firewall and Privacy Service and then downloaded updates
> > for all of the preceeding Mcafee programs (there were many). I also
> > downloaded all
> > critical Windows Security downloads. Everything is working fine except when I
> > work with wordpad/notepad/word or other Microsoft programs. At random, when
> > I open these files, I recieve IE shutdown errors. I created a new wordpad and
> > notepad file, saved both and re-opened them: everything seemed fine. Then I
> > ran Windows Explorer and when I tried to open the wordpad file with explorer,
> > I received IE shutdown errors. The error report included:
> > C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\drwtsn32.exe.mdmp
> > C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\appcompat.txt. The HBT directory
> > is one that was created when I first turned on my Dell and went through the
> > initial installation wizard. The errors do not seem to take place along any
> > specific pattern which makes this wreak of malware. Any advice would be
> > greatly appreciated. I ran McAfee virusscan and no problems were found. I
> > also installed and ran Spybot S&D and Adaware, but no problems were found.
> > Any advice would be GREATLY APPRECIATED! Bryan
> >

> For a brand new Dell you should be calling Dell Tech Support. You
> paid for their service in the price of the PC.
>

 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      17th Aug 2005
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> Dell tech support does not want to help me despite my support agreement. They
> told me that this is a problem with Microsoft programs which is not covered
> (which I do not believe). In a prior call, they gave me bad information.
> Maybe I spoke to a new person, but for now I guess I will try the above
> suggestions. Bryan


What type of internet connection do you have?

If you have DSL or Cable, then get a NAT Router to connect between your
ISP's router and your computer - this will let you reinstall Windows and
everything else without being compromised in the process.

--

(E-Mail Removed)
remove 999 in order to email me
 
Reply With Quote
 
=?Utf-8?B?YnJ5YW4=?=
Guest
Posts: n/a
 
      17th Aug 2005
I am not very technical and am not sure what these instructions mean. When I
run the command it gives me the choices you state. Do I select Mcafee? Will
this run a scan that is external to Mcafee? I'm confused.

"bryan" wrote:

> Dell tech support does not want to help me despite my support agreement. They
> told me that this is a problem with Microsoft programs which is not covered
> (which I do not believe). In a prior call, they gave me bad information.
> Maybe I spoke to a new person, but for now I guess I will try the above
> suggestions. Bryan
>
> "Alan" wrote:
>
> > bryan wrote:
> > > I just purchased a new Dell Dimension 9100 (new line for Dell). I loaded
> > > Mcafee VirusScan, Firewall and Privacy Service and then downloaded updates
> > > for all of the preceeding Mcafee programs (there were many). I also
> > > downloaded all
> > > critical Windows Security downloads. Everything is working fine except when I
> > > work with wordpad/notepad/word or other Microsoft programs. At random, when
> > > I open these files, I recieve IE shutdown errors. I created a new wordpad and
> > > notepad file, saved both and re-opened them: everything seemed fine. Then I
> > > ran Windows Explorer and when I tried to open the wordpad file with explorer,
> > > I received IE shutdown errors. The error report included:
> > > C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\drwtsn32.exe.mdmp
> > > C:\DOCUME~1\HBT\LOCALS~1\Temp\WERed75.dir00\appcompat.txt. The HBT directory
> > > is one that was created when I first turned on my Dell and went through the
> > > initial installation wizard. The errors do not seem to take place along any
> > > specific pattern which makes this wreak of malware. Any advice would be
> > > greatly appreciated. I ran McAfee virusscan and no problems were found. I
> > > also installed and ran Spybot S&D and Adaware, but no problems were found.
> > > Any advice would be GREATLY APPRECIATED! Bryan
> > >

> > For a brand new Dell you should be calling Dell Tech Support. You
> > paid for their service in the price of the PC.
> >

 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      17th Aug 2005
From: "bryan" <(E-Mail Removed)>

| I am not very technical and am not sure what these instructions mean. When I
| run the command it gives me the choices you state. Do I select Mcafee? Will
| this run a scan that is external to Mcafee? I'm confused.

If you choose; McAfee, Trend or Sophos it will automatically go to the respective AV
vendor's web site and download the needed AV command line scanner and signature files. Upon
the download completion and the file extraction (they are distributed in archive formats),
it will ask if you wan to run a scan. If the answer is YES, it will then ask if you want to
scan a particular location (such as F: or d:\program files ) either way it will scan either
the selected location or all hard disks and clean the PC of infectors accordingly.

Thye Multri AV Scanner front end utility will keep the three vendor's files up-to-date and
and is an excellent "On Demand" anti virus scanner utility.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
=?Utf-8?B?YnJ5YW4=?=
Guest
Posts: n/a
 
      17th Aug 2005
Dave,
Thank you for your help. I ran the scan for Mcafee in normal mode and
here are the results:

Scanning C: []
Scanning C:\*.*

Summary report on C:\*.*
File(s)
Total files: ........... 137953
Clean: ................. 137808
Possibly Infected: ..... 0
Cleaned: ............... 0
Non-critical Error(s): 2
Master Boot Record(s): ......... 1
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0


Time: 00:24.49

I ran the c:\AV_CLS\startmenu.BAT and then answered Y to run the scan.
Should I repeat the same steps in safe mode?

"David H. Lipman" wrote:

> From: "bryan" <(E-Mail Removed)>
>
> | I am not very technical and am not sure what these instructions mean. When I
> | run the command it gives me the choices you state. Do I select Mcafee? Will
> | this run a scan that is external to Mcafee? I'm confused.
>
> If you choose; McAfee, Trend or Sophos it will automatically go to the respective AV
> vendor's web site and download the needed AV command line scanner and signature files. Upon
> the download completion and the file extraction (they are distributed in archive formats),
> it will ask if you wan to run a scan. If the answer is YES, it will then ask if you want to
> scan a particular location (such as F: or d:\program files ) either way it will scan either
> the selected location or all hard disks and clean the PC of infectors accordingly.
>
> Thye Multri AV Scanner front end utility will keep the three vendor's files up-to-date and
> and is an excellent "On Demand" anti virus scanner utility.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>

 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      17th Aug 2005
In article <#(E-Mail Removed)>,
DLipman~nospam~@Verizon.Net says...
> If you choose; McAfee, Trend or Sophos it will automatically go to the respective AV
> vendor's web site and download the needed AV command line scanner and signature files.


NO IT WONT - Mcrappy requires you to register the product and agree to a
control being installed before you can get automatic updates. I've seen
more McCrappy protected machines infected due to their now doing
automatic updates without registration.


--

(E-Mail Removed)
remove 999 in order to email me
 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      17th Aug 2005
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> I ran the c:\AV_CLS\startmenu.BAT and then answered Y to run the scan.
> Should I repeat the same steps in safe mode?


Did you open McCrappy, and select Update? If you did, did you complete
the registration in order to get the updates?

If you didn't complete the on-line registration then you have little
protection.

And yes, it's always best to run AV scan's on suspected machines in Safe
Mode.

--

(E-Mail Removed)
remove 999 in order to email me
 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
brand sandals,brand bags,brand glasses,brand sneakers nikesky-tradeleads Windows XP Basics 0 10th Jul 2008 03:43 AM
Brand new laptop, so brand new to Vista. Three questions. McG. Windows Vista General Discussion 7 31st Oct 2007 01:15 AM
Brand New Dell 8400 repeatedly doing physical memory dumps while i =?Utf-8?B?S3JhZmth?= Windows XP Games 1 21st May 2005 07:09 AM
Brand New WinXP Dell D800 LOCKS UP on Network Links =?Utf-8?B?TVNVVGVjaA==?= Windows XP General 1 6th Mar 2005 12:15 AM
Brand New Dell D800 XP Machine Locks up on Network links.. =?Utf-8?B?TVNVVGVjaA==?= Windows XP Networking 0 4th Mar 2005 06:13 PM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 10:28 AM.