Thread: master ide controller
View Single Post
  #4  
Old September 19th 04, 05:36 PM
Noel Paton
external usenet poster
  
Posts: n/a
Default
Annalee
No 'virus' in the System Restore archive can be active - so it cannot
affect your system. Look here for details....
http://support.microsoft.com/?scid=263455

The reason that the ultimateboot disk doesn't work is simple - you have
GoBack installed!! - it changes the MBR in such a way that neither the
conventional EBD/Startup disk, nor the Ultimate Boot Disk can read the drive
properly.
Look here for details...
http://service1.symantec.com/SUPPORT...sv=&os v_lvl=


Stinger is NOT an anti-virus program - it's a specific/targeted removal
tool, and needs to be manually replaced/updated before each use - it does
NOT sit in the background in the way that AV's do.

DO NOT attempt to modify any files within the SR archive - doing so will
certainly break SR until you manually reset it or clear the history!!!

PLEASE read what's written - either uninstall GoBack, or disable System
Restore. one or the other. Then post back

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"annalee15" wrote in message
...
Hi Noel,

thank you so much for the info, bookmarked the sites to check out when i
have time. Here is what happened:

First off i cannot do a thing with my restore folder.

So I went further to the clear system restore and found out my ultimate
windows me boot up would not work, so i had no choice but to go and create
one , booted up and tried to use the attrib command:

Drive c does not contain a valid fat or fat 32 partition. may need to be
partioned. run fdisk from ms dos prompt (which i may end of having to do
but do not want to do.) I would like to be sure of the trojan that caused
this problem.

it went on to say "some viruses also cause drive c to not register. which
i
am sure is what is happening here.

just for laughs I'm running stinger on it now but i know from past
experience it will not let any virus detection or scan register any
problems. and i saw for myself how it changed and renamed every file in
restore.

Are you familiar with the revop trojan? this if i remember correctly is
the
one that was in restore and i could not get rid of it. i have them all
written down on a paper . I looked this up to get info on it and could
not
find it listed anywhere as a trojan. different sites give different names
to
them from what i understand.

i just tried once again to get into restore folder, unchecked hidden ,
then
hit reply and it will not let me change attributes. really frustrating.
trying to bring to desktop and its saying dsinfo.dat in in use . since i
ran the scan computer is busy at work (doing What?) not connected to
internet so not sending out info.

I wonder if it will even let me fdisk if I finally decide to give up
figuring this out?
Debra

"Noel Paton" wrote in message
...
Annalee
First, a word of warning - do NOT attempt to have System Restore and
GoBack
running at the same time!! They will conflict, and this can result in
them
both eating huge quantities of your HD space - with the possible result
that
neither will actually work properly!

My recommendation would be to uninstall GoBack - it's a system hog - then
make sure that System Restore is enabled and functioning properly. (see
the
test procedure here - http://www.btinternet.com/~winnoel/quiktipsr.htm)

then you need to ensure your PC is clean -
start with this procedure, and come back with the results.

download the Stinger from here and run it to make sure that A-V-disabling
viruses are not present on your PC
http://download.nai.com/products/mca...rt/stinger.exe

- update your virus scanner and run a full system scan of all files.

Reboot to Safe Mode and run CWShredder - to remove variants of the
CoolWebSearch hijacker.
http://www.merijn.org/cwschronicles.html

Use CWShredder, the removal tool:
http://www.merijn.org/files/cwshredder.zip
http://www.merijn.org/files/CWShredder.exe
http://www.spywareinfo.com/downloads...CWShredder.exe
http://www.zerosrealm.com/downloads/CWShredder.zip

download AdAware from www.lavasoftusa.com, install, update, and run it to
remove spyware, adware,
and other such nasties from your system.


--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

"annalee15" wrote in message
...
My Windows Me computer was hit with trojans. Removed all but one. It
ended
up turning restore system back on and putting itself in folder.
protected
all the files and using goback, it changed the master ide controller.
It
also changed environments .

I tried to run hp recovery cd's and am told i have no hard drive or
loose
cables. I want to be able to reinstall operating system as it renamed
all
the files in restore folder. i can use this computer but i have no
control
over it. Needless to say antivirus program will not work that was
first
program it took over, then zone alarm , and go back. I tried deleting
the
vxd driver it has in there that is not signed by microsoft, and it
stopped
windows from loading in (stayed on splash screen). I had to use go back
to
go back to prior setting.

go back of course will not work to go back to settings prior to the
master
ide controller change. I have tried to change thru device manager and
it
tells me i have the best already installed.

any help other then a fdisk format greatly appreciated.
Debra