November 24th, 2004, 08:18 AM
#1
Senior Member
War-Against-Worm
Hi guys, here is the saga of my war-against-worms. The system is XP with NAV2K. Here I go....
I had Norton 2k installed on my system, which I kept updating about once a month. A few months back the LiveUpdate subscription of my Norton expired, and for a few months I was on my non-updated AV system. Then one day I experienced my PC slowing down and its performance degrading; on a closer look I found multiple unknown processes and a number of unexplained network connections when I used my dial-up. Being a computer guy (but not a sys admin), I rushed off to the Internet and searched for all the suspected processes. I removed as many files/registry entries/services etc. as I could from the information I received on the net.
I followed this up with online scans from Ad-Aware, Norton and Trend and some more. They did find two worms and cleaned them. I did a fresh round of complete scans and my system was certified clean of viruses. Oh! I forgot to mention that I had to download a utility from Symantec to remove Norton, as the virus had made Norton incapable of doing anything (even uninstall!!). I finally got CA's EzArmor firewall+AV suite and installed it. I completed the process by updating my XP to SP2.
I thought that I had done enough to get rid of the menace, but I had a surprise waiting. I suddenly found my system getting realllllly slowed down: no funny processes, but lots of svchost eating up huge amounts of memory and having lots of I/O reads (above 1000 in 5 minutes), same for my lsass process. I checked these figures with other systems and did find the I/O read property abnormally high. Coupled with this, after about 5 days of usage my dial-up broke and then my LAN access broke. I mean now I cannot connect to the outside world, and reinstalling drivers doesn't help (firewalls were disabled and there is nothing related to the new AV or SP2 that could be causing these problems). Phew.... I could have easily formatted my system, but I was hell-bent upon removing the worms/spyware without a reformat.
I just want to ask you guys one thing: what the heck did I do wrong? Is there something I can still do to get out of this mess? After my LAN die-out I really wanted to reformat my system; this is my last attempt to resolve this issue. It's been over a month and I didn't keep track of my actions, that's why you see stuff like "few more", "etc", "few worms" and all.
OK, I should add this: some of the initial processes were ftpd.exe, update32.exe, some service that said it was a USB2 driver, etc.
TIA.
Better Laugh At Your Own Problems..
Coz...The World Laughs At Them