IS this caused by a virus?

[Guest]

I run Zonealarm which has been cleaning a few viruses lately. Checking out
from some e-store the other day, ZoneAlarm detected a dialup connection being
added. Long story short, I had to pull the plug to get the computer to shut
down. Since then, when I boot and reach the point where the wallpaper and
icons should appear on my monitor, my monitor goes blank but I can hear the
startups being loaded. Can a virus take over the monitor and blank it out
(and maybe use the mouse in secrecy)? The only ZoneAlarm info I still have
is this ... TROJAN.DOWNLOADER.JAVA, TROJAN.IS.AGENTB, TROJAN=SPY HTML.ANAL,
WIN32.ISBAR.450, WIN32.TROJAN.PSW.G... These have been deleted.

Any helpwould be appreciated. I am running in safe mode now but cannot print
or use the sound card.

 

[Guest]

I run Zonealarm which has been cleaning a few viruses lately. Checking out
from some e-store the other day, ZoneAlarm detected a dialup connection being
added. Long story short, I had to pull the plug to get the computer to shut
down. Since then, when I boot and reach the point where the wallpaper and
icons should appear on my monitor, my monitor goes blank but I can hear the
startups being loaded. Can a virus take over the monitor and blank it out
(and maybe use the mouse in secrecy)? The only ZoneAlarm info I still have
is this ... TROJAN.DOWNLOADER.JAVA, TROJAN.IS.AGENTB, TROJAN=SPY HTML.ANAL,
WIN32.ISBAR.450, WIN32.TROJAN.PSW.G... These have been deleted.

Any helpwould be appreciated. I am running in safe mode now but cannot print
or use the sound card.

You need to be sure your system is clean from malware and Viruses by
scanning for them
Scan for malware from here:
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm
Run a scan from here on-line:
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Lots of tools to download and disinfect your machine:
http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/
http://free.grisoft.com/doc/5390/lng/us/tpl/v5

Download the Hijackthis and send the report to one of many
forums for analysis and troubleshooting:
http://www.merijn.org/index.php
When all else fails, HijackThis v1.99.1
(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. Post
your log to http://aumha.net/viewforum.php?f=30,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7, or other appropriate
forums for expert analysis, not here.
HTH.
nass

 

[Patrick Keenan]

I run Zonealarm which has been cleaning a few viruses lately. Checking out
from some e-store the other day, ZoneAlarm detected a dialup connection
being
added. Long story short, I had to pull the plug to get the computer to
shut
down. Since then, when I boot and reach the point where the wallpaper and
icons should appear on my monitor, my monitor goes blank but I can hear
the
startups being loaded. Can a virus take over the monitor and blank it out
(and maybe use the mouse in secrecy)? The only ZoneAlarm info I still
have
is this ... TROJAN.DOWNLOADER.JAVA, TROJAN.IS.AGENTB, TROJAN=SPY
HTML.ANAL,
WIN32.ISBAR.450, WIN32.TROJAN.PSW.G... These have been deleted.

Any helpwould be appreciated. I am running in safe mode now but cannot
print
or use the sound card.

It could certainly damage the video drivers and registry settings. If the
screen has gone blank, that may mean that the resolution has changed to
something out of range of your monitor. At the screen where you can select
Safe Mode, there's another VGA mode, which will use a very generic driver
and let you set resolution and refresh rates correctly, in a way that you
cannot do in Safe Mode.

I'll suggest that the place for you to start is to remove the drive from
your system, and attach it to another system that has up-to-date virus
protection and lots of free disk space. This approach will safeguard your
data, and let you get directly to most malware without it trying to fight
you. You can use a USB2 drive case or connector, or attach it via IDE or
SATA cable. You may have to change jumper settings.

Once that's done, back up your data to the other system. The active
antivuris will detect any malware during the copies. Be sure that you get
all of your data, including emails and address books. You may possibly
need to Take Ownership of various folders, and the method for that is here:

http://support.microsoft.com/kb/308421

Then, locate all the "content.ie5" folders and cache folders for other
browsers, and empty them. Likewise empty all temp folders. Empty the
recycle bin. There are one or two large files in the root directory,
which can be deleted - pagefile.sys and hiberfil.sys. If they are there,
they can be deleted; Windows will recreate them as needed, and not having
them will speed up the next steps..

Now, you're ready to scan that drive for viruses. Use the installed AV
scanner and then use the Trend Micro Housecall scanner at
http://housecall.trendmicro.com

This should uncover most malware, with the malware in a dormant state.

Finally, you can defragment the drive while it's attached to this other
system. That'll be a little faster than doing it after you put it back.

Re-install the drive in the original system, and start it up in VGA mode,
and set the video correctly, and then check your other driver problems.
You may need to reinstall basic board drivers, or just drivers for the
printer and sound card.

HTH
-pk

 

[Guest]

Thank you so much. Between the two response I received and some old CD's
that contained the drivers for my set up, I was able to boot normally,
almost. The resolution didn't match the monitor. I solved this problem by
punching some reconfig buttons on the Gateway monitor. Then the fonts were
too small. I think I just fixed that with device manager, setting the font
to largest. When I loaaded the driver cd it told me that there was not
driver for the monitor. Nice virus. The one thing that advanced me the most
was the SAFE MODE VGA in the next post but it was a team effort. The bottom
line is that I appreciate both of you jumping in there and would like to give
you a lot of positive feedback but I do not know how. I will look around for
a while. I know it has to be easy but I operate on a "slow but not stupid"
basis. Finally, my mother in law was from east London.

 

[Guest]

Thanks a lot. I wrote a lengthy response to the first poster who provided me
helpful suggestions. That response is meant for you, too. Thanks a gain.