El grupo al cual envías entradas es un grupo Usenet. Si envías mensajes a este grupo, cualquier usuario de Internet podrá ver tu dirección de correo electrónico
I am doing this on my mother's behalf who is 3 hours away from me so I can't see exactly what is happening. Apparently, a box came up that said "threat found, trojan horse, heal now" It wasn't coming from her virus scanner or so she thinks as AVG wasn't on the box anywhere. so she clicked heal..her computer shut down and now when she turns it on and it gets to the startup winXP screen it restarts in a loop..She just bought another computer because she was having probs with these trojan notices and her computer going screwy...The hardest thing is, I have to direct a computer illiterate person over the phone..I hope there is an easy resolve to this..har har... thanks
4deadcrowsstu...@gmail.com wrote in news:1165413469.407264.316180@ 80g2000cwy.googlegroups.com:
> I am doing this on my mother's behalf who is 3 hours away from me so I > can't see exactly what is happening. Apparently, a box came up that > said "threat found, trojan horse, heal now" It wasn't coming from her > virus scanner or so she thinks as AVG wasn't on the box anywhere. so > she clicked heal..her computer shut down and now when she turns it on > and it gets to the startup winXP screen it restarts in a loop..She just > bought another computer because she was having probs with these trojan > notices and her computer going screwy...The hardest thing is, I have to > direct a computer illiterate person over the phone..I hope there is an > easy resolve to this..har har... > thanks
Actually, there is!
And it called "a good backup strategy."
All computers with Windows should come with Partition Magic and Drive Image. Right when you get that puppy, you partition ~10% of the HDD space to (D:) BACKUP, and you run a pristine image backup from (C:) to (D:) and then you do so every so often. Daily is not unreasonable.
On my newer machines, the whole backup process takes < 10 min., and a restore takes a little less. Admittedly, I run complete scans, then clean- up disk routines, then reboot to scandisk, then defrag, then image, which takes about 40 minutes to do. If ever I get fubared, instead of going nucking-futs trying to figure out all the minutiae, I only risk losing about 2 or 3 days of system updates, etc. My data is already stored on a separate partition, but it get's manually backed up to off-site as well. You can either access Drive Image for a restore via Windows, if it's still working, or via the boot CD. There are several other software options out there that people absolutely swear by...
And that little bit of time invested is *so* *much* *better* than having to reformat and reinstall after a malicious event or a fubared update. Which is what it looks like you need to do.
Bought another computer? That's a pretty steep price to pay because someone got bit by a virus or trojan. Seems like it might be a good motivation tool after a couple of episodes.
Best wishes to all for a safe and joyous holiday season.
--
To me boxing is like a ballet, except there's no music, no choreography, and the dancers hit each other until the loser cries like a little girl, or does that whole go-to-sleep thing.
Some people would do anything to get out of finishing the dance.
> I am doing this on my mother's behalf who is 3 hours away from me so I > can't see exactly what is happening. Apparently, a box came up that > said "threat found, trojan horse, heal now" It wasn't coming from her > virus scanner or so she thinks as AVG wasn't on the box anywhere. so > she clicked heal..her computer shut down and now when she turns it on > and it gets to the startup winXP screen it restarts in a loop..She just > bought another computer because she was having probs with these trojan > notices and her computer going screwy...The hardest thing is, I have to > direct a computer illiterate person over the phone..I hope there is an > easy resolve to this..har har... > thanks
I'm going through this right now. AVG. flooder.ake detected in winlogon. Clicked heal, machine went into a constant loop. I suspected a false positive, but it isn't my machine. Trying safe mode, picking a restore point... nope. I'll try extracting winlogon from the cd, but I'm not hopeful. Regardless, AVG is off this machine. It has fucked up too many times.
On 6 Dec 2006 05:57:49 -0800, 4deadcrowsstu...@gmail.com wrote:
>I am doing this on my mother's behalf who is 3 hours away from me so I >can't see exactly what is happening. Apparently, a box came up that >said "threat found, trojan horse, heal now" It wasn't coming from her >virus scanner or so she thinks as AVG wasn't on the box anywhere. so >she clicked heal..her computer shut down and now when she turns it on >and it gets to the startup winXP screen it restarts in a loop..She just >bought another computer because she was having probs with these trojan >notices and her computer going screwy...The hardest thing is, I have to >direct a computer illiterate person over the phone..I hope there is an >easy resolve to this..har har... >thanks
Shel-hed wrote: > I'm going through this right now. AVG. > flooder.ake detected in winlogon. Clicked heal, machine went into a constant > loop. > I suspected a false positive, but it isn't my machine. > Trying safe mode, picking a restore point... nope. > I'll try extracting winlogon from the cd, but I'm not hopeful. > Regardless, AVG is off this machine. It has fucked up too many times.
I'm also dealing with this, on machines that are about five years old. AVG is claiming the Compaq Operating System CD with a 2001 Copyright also has the virus. Screams False Positive to me.
I was able to pull the drive and install it as a second drive on another machine. Since AVG hosed WinLogon.exe, I'm extracting a new copy from the i386 folder. We'll see if it works.
Shel-hed wrote: > I'm going through this right now. AVG. > flooder.ake detected in winlogon. Clicked heal, machine went into a > constant loop. > I suspected a false positive, but it isn't my machine. > Trying safe mode, picking a restore point... nope. > I'll try extracting winlogon from the cd, but I'm not hopeful. > Regardless, AVG is off this machine. It has fucked up too many times.
I would think it was you and not AVG.
--
Let the unseen day be. Today is more than enough.
___Sador the carpenter to Turin Tolkien, The Unfinished Tales
Update- Replacing winlogon didn't work, uninstalling AVG in safe mode worked. I guess when it did it's auto update this A.M. it pharked itself up. FWIW, the first thing I tried was restoring the file from the virus vault. Nope. Then I expanded the file from the XP cd to C:\, copied to system32, renamed from ex_ to exe, no luck. I guessed that the problem might be AVG itself causing the reboot, so I uninstalled, problem fixed.
I would guess that the OP should get Mom to go into safe mode (tap f8 during boot), restore the file from the virus vault, then uninstall AVG. Buy her a nice wired router and tell her to stop surfing pron.
On Wed, 06 Dec 2006 17:50:07 GMT, Shel-hed <mush-...@privacy.net> wrote:
>I'm going through this right now. AVG. >flooder.ake detected in winlogon. Clicked heal, machine went into a constant >loop. >I suspected a false positive, but it isn't my machine. >Trying safe mode, picking a restore point... nope. >I'll try extracting winlogon from the cd, but I'm not hopeful. >Regardless, AVG is off this machine. It has fucked up too many times.
Same situation here. Looking at the machines, it appears the machine that has no problem with WinLogon.exe is at SP1. The problem machine looks like it doesn't even have SP1. The machine only recently got internet connectivity, but I could have sworn it got SP1 back when it was initally set up. The fact that the internet is not flooded with reports of this problem would support a theory that SP1 & SP2 machines are not affected.
It most absolutely certainly is a case of false positive.
On Wed, 6 Dec 2006 13:43:07 -0600, "ellis_jay" <ellis_...@firstbase.coma> wrote: >Shel-hed wrote: >> I'm going through this right now. AVG. >> flooder.ake detected in winlogon. Clicked heal, machine went into a >> constant loop. >> I suspected a false positive, but it isn't my machine. >> Trying safe mode, picking a restore point... nope. >> I'll try extracting winlogon from the cd, but I'm not hopeful. >> Regardless, AVG is off this machine. It has fucked up too many times.
>I would think it was you and not AVG.
Yes. I knew better, but it was early and I hadn't finished my coffee. The other problem here was that if it really was infected, I might not have been told about it for days or weeks... "Uhh.. oh ya, I forgot to mention that..", so I didn't know for sure whether it was a recent problem. Oh well. Live and learn. From now on no important work gets attempted before 10:00 a.m. :-)
Shel-hed wrote: > On Wed, 6 Dec 2006 13:43:07 -0600, "ellis_jay" <ellis_...@firstbase.coma> wrote:
> >Shel-hed wrote: > >> I'm going through this right now. AVG. > >> flooder.ake detected in winlogon. Clicked heal, machine went into a > >> constant loop. > >> I suspected a false positive, but it isn't my machine. > >> Trying safe mode, picking a restore point... nope. > >> I'll try extracting winlogon from the cd, but I'm not hopeful. > >> Regardless, AVG is off this machine. It has fucked up too many times.
> >I would think it was you and not AVG.
> Yes. I knew better, but it was early and I hadn't finished my coffee. The > other problem here was that if it really was infected, I might not have been > told about it for days or weeks... > "Uhh.. oh ya, I forgot to mention that..", > so I didn't know for sure whether it was a recent problem. > Oh well. Live and learn. From now on no important work gets attempted before > 10:00 a.m. :-)
WHAT A CRAPPY DAY!!! Today's program is sponsored by the word F#@$!!!!. Clearly I'm in the same boat as many of you... or should I say my clients are. Shel-hed is right, uninstall AVG and you will be ok assuming of course you have a local admin account to log in with other wise you are probably S.O.L..
Has anyone gotten any info from Grisoft about this whole debacle?
On Wed, 06 Dec 2006 19:39:08 GMT, Shel-hed <mush-...@privacy.net> wrote: >Update- >Replacing winlogon didn't work, uninstalling AVG in safe mode worked. I guess >when it did it's auto update this A.M. it pharked itself up.
I forgot to mention that I decided to try scanning winlogon on the XP cd. It came back as infected. Further proof of my own brain-farting fault. I should have done that first. I don't know what all the non-geeky panic-proners would do though... buy another computer I guess.
Ok, thanks everyone for all the advise and most of you are right, I got mom into safe mode and ran an avg scan and found this flooder virus..so then I found instructions on removing it.. http://www.suggestafix.com/index.php?showtopic=24151
Only probelm is now my moms computer won't start up in safe mode again, it crashes...she doesn't have the install cd to reinstall..friggn viruses..who are these people with no lives...nasty creatures...
On Dec 6, 2:59 pm, Leythos <v...@nowhere.lan> wrote:
> In article <0a0en2hbr8jjk023rg6p3ma00cn0tj6...@4ax.com>, mush- > h...@privacy.net says...
> > I'm going through this right now. AVG. > >flooder.akedetected in winlogon. Clicked heal, machine went into a constant > > loop.Lookup the windows xp repair/reinstall process on google, all you need > is your XP CD and you can recover from this without the loss of any of > your data (most times) and then you can download and run the Multi-AV > scanner written by David Lipman to clean your machine.
> --
> spam999f...@rrohio.com > remove 999 in order to email me
nevermore studio wrote: > Ok, thanks everyone for all the advise and most of you are right, I got > mom into safe mode and ran an avg scan and found this flooder virus..so > then I found instructions on removing it.. > http://www.suggestafix.com/index.php?showtopic=24151
> Only probelm is now my moms computer won't start up in safe mode again, > it crashes...she doesn't have the install cd to reinstall..friggn > viruses..who are these people with no lives...nasty creatures...
> On Dec 6, 2:59 pm, Leythos <v...@nowhere.lan> wrote: > > In article <0a0en2hbr8jjk023rg6p3ma00cn0tj6...@4ax.com>, mush- > > h...@privacy.net says...
> > > I'm going through this right now. AVG. > > >flooder.akedetected in winlogon. Clicked heal, machine went into a constant > > > loop.Lookup the windows xp repair/reinstall process on google, all you need > > is your XP CD and you can recover from this without the loss of any of > > your data (most times) and then you can download and run the Multi-AV > > scanner written by David Lipman to clean your machine.
> > --
> > spam999f...@rrohio.com > > remove 999 in order to email me
Folks, if you can get in via Safe Mode, don't bother trying to copy over another version of Winlogon.exe. Once you get in via Safe Mode uninstall AVG then reboot. I've done this on every pc I had this issue with... afterwards install at least SP1a on the pc and reinstall AVG. This should fix the problem... Grisoft has confirmed that this false positive is a problem with XP installs that have not had a service pack installed.
|
