Robert Carnegie wrote:
> On a Gigabyte M912 net-book computer running Windows XP Home, I
> disabled the AutoPlay function. Now it's started running. The
> registry configuration that disabled it appears to be intact, but I
> haven't checked every applicable setting, just "Honor disabled
> AutoPlay" (machine, I think) and "Disable AutoPlay on these drive
> types: all, 0xFF" (per user). To disable it again, and otherwise
> protect myself, what should I look at?
>
> Things I have only done on the computer recently include:
>
> - Connect a real USB hard disk.
>
> - Use Linux (SystemRescueCD 1.3.1 and 1.3.3) to shrink partition C,
> create and format a new FAT32 partition H, then remove existing
> partition D and (in Windows) rename H to D.
>
> - Install CoolInfo free (sponsored) speech recognition software
> including Microsoft Speech API.
>
> - Use SystemRescueCD 1.3.3 to scan for virus (ClamScan). It thinks
> that two data files for Windows F-Secure anti-virus contain viruses.
>
> - Use just-out SystemRescueCD 1.3.4 to see how current ClamScan is.
> (Not absolutely: updated December 15th. But you can download new
> virus id files separately. I haven't done that yet.)
>
> - Use F-Secure virus scanner to read the machine. It thinks I am
> clean except for a "tracking cookie".
>
> - Input and use the settings for a British dial-up Internet service
> that does not run and only crashes or freezes the computer. Called
> something like Zaggle.
>
> - Accept recommendation by F-Secure to suppress registry access (!) by
> a program named, I think, KBM.exe. This appears to be original
> software on the computer - but may be corrupted - and F-Secure only
> got upset about it after an update to F-Secure and then the attempt to
> use Zaggle.
>
> Things I have not done recently:
>
> - Install any very latest Windows Updates after December 13th.
>
> - Update F-Secure since December 1st, according to notes.
>
> - Knowingly use wireless networking. I think it is switched off, and
> Bluetooth undiscoverable.
>
> - Update from Internet Explorer 6.
Robert Carnegie wrote
> Oh, another "did recently": I just disabled "System Restore" on some
> of the hard disk partitions - keept it on the system partition.
You did a system restore...? That could easily undo patches.
Why did you perform a system restore?
How to disable the Autorun functionality in Windows
http://support.microsoft.com/kb/967715
In your case - I would probably do the following if I had the computer:
You can obtain and supply the edition and version information:
Start button --> RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
--> type in:
winver
--> Click OK.
The picture at the top of the window that opens will give you the general
(Operating System name and edition) while the line starting with the word
"version" will give you the rest of the story. Post _both_ in response
to this message verbatim. No paraphrasing - instead - ensure
character-for-character copying.
What version of Internet Explorer are you currently using? Easy to find
out. Open Internet Explorer and while that is in-focus, press and hold
the "ALT" key on your keyboard. With the "ALT" key still pressed, press
(just once, no holding) the "H" key. Now, with the "ALT" key still
pressed, press (just once, no holding) the "A" key. That will bring up
the "About Internet Explorer" window. It will give you the exact version
you are using - repeat what you see there in response to this message.
Download/install the "Windows Installer CleanUp Utility":
http://support.microsoft.com/kb/290301
After installing, do the following:
Start button --> RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
--> type in:
"%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g!
--> Click OK.
(The quotation marks and percentage signs and spacing should be exact.)
Download, install, run, update and perform a full scan with the following
(freeware version):
SuperAntiSpyware
http://www.superantispyware.com/
Reboot and logon as administrative user.
Download, install, run, update and perform a full scan with the following
(freeware version):
MalwareBytes
http://www.malwarebytes.com/
Reboot and logon as administrative user.
Download and run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx
You may find nothing, you may find only cookies, you may think it is a
waste of time...
Reboot and logon as administrative user.
Download/Install the latest Windows Installer (for your OS):
( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe )
http://www.microsoft.com/downloadS/d...displaylang=en
Reboot and logon as administrative user.
Download the latest version of the Windows Update agent from here (x86):
http://go.microsoft.com/fwlink/?LinkID=91237
.... and save it to the root of your C:\ drive. After saving it to the
root of the C:\ drive, do the following:
Close all Internet Explorer windows and other applications.
Start button --> RUN and type in:
%SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE
--> Click OK.
(If asked, select "Run.) --> Click on NEXT --> Select "I agree" and click on
NEXT --> When it finishes installing, click on "Finish"...
Reboot and logon as administrative user.
Visit this web page:
How do I reset Windows Update components?
http://support.microsoft.com/kb/971058
.... and click on the "Microsoft Fix it" icon. When asked, select "RUN",
both times. Check the "I agree" box and click on "Next". Check the box
for "Run aggressive options (not recommended)" and click "Next". Let
it finish up and follow the prompts until it is done. Close/exit and
reboot when it is.
Log on as an user with administrative rights and open Internet Explorer
and visit
http://windowsupdate.microsoft.com/ and select to do a
CUSTOM scan...
Every time you are about to click on something while at these web pages -
first press and hold down the CTRL key while you click on it. You can
release the CTRL key after clicking each time.
Once the scan is done, select just _ONE_ of the high priority updates
(deselect any others) and install it.
Reboot again.
If it did work - try the web page again - selecting no more than 3-5 at a
time. Rebooting as needed.
The Optional Software updates are generally safe - although I recommend
against the "Windows Search" one and any of the "Office Live" ones or
"Windows Live" ones for now. I would completely avoid the
Optional Hardware updates. Also - I do not see any urgent need to
install Internet Explorer 8 at this time.
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
Similar Threads
