[BA.]

I'm hoping someone here can help me!

I started experiencing some odd slowness and Execution Error messages yesterday on my home machine. Then, a little bit later, I got an odd CMD prompt pop-up window entitled DL.EXE.

I knew that wasn't cool. I closed it and eventually started reading on the Internet about "DL.EXE". Seems it's *OLD*,...like 4 years old. Not really sure how I got it, it wasn't via email.

Anyhoo, there are discrepancies on the Internet about what to look for in the Registry or System32 folder. I can't find anything that is mentioned. (like syslogin.exe, Gaelicum, Cback.exe, trace32.dll, etc)
Some places say the virus will not make a registry entry, others say yes.

Soon, I lost network connectivity. I read on place that said the virus loads it's own drivers. (hmm. maybe I can 'driver cleaner' that?)

Initially, I could get to Safe Mode, now I cannot.

I tried my Ulltimate Boot cd and I can do some things, but still couldn't hit the Internet and the Avast! couldn't fix the 'Tenga' virus due to every infected file being "archived". Maybe I need a newer Boot CD.

McAfee is calling it the win32/GAEL worm, Kasperski calls it something else.

They all call it "LOW" risk but damn, I can't load windows and can't get to the internet! It'd be nice to at least save the personal files.


Any idea's?

[BA.]

quickie update....

I'm sure I've wasted over 1/2 a day on this now.
My (free) Ad-Aware did not fix anything.
My SpyBot Search&Destroy ver 1.6 and TeaTimer didn't stop anything.
Windows Defender, lame as it may be,...didn't stop anything either.
Older version of Avast! on my Ultimate Boot CD couldn't fix it.
Oh yeah, since I had it, I ran McAfee Root Kit detector also. Nothing there.


So, I found a spare drive, loaded up windows and right now I have the infected drive as a slave. I loaded a 30 trial of McAfee Virus-scan on the new/temp drive and it's now trying to fix 2000+ infected files.

Not out of the woods yet.

[South Side Goons & Hitmen]

You will probably have to purchase anti-spyware and anti-virus software. I like Norton Internet Security and I use that as it includes both anti-virus software and anti-spyware....IMHO the ultimate in anti-spyware is Webroot's Spy Hunter; that thing rocks and sniffs out every nook and cranny. You should be able to pick up either one at your local Best Buy or Circuit City. And if I recall correctly if you pick up the most recent version you can just install it, let it run, destroy the infected file then once that's done you can connect to the internet for updates.

Good Luck!!

SSG&H

[camarodude67]

Hi,

Do not use Macafee or other spyware programs that you mentioned before, they are the virus.. They just dont work.

Try AVG... and then Windows Defender should do the trick...

Additionally using a Linksys Router is the best defense and make sure your LimeWire
is off or other Pier to Pier file sharing program (Assuming you use this)... This is the major problem for most users on the .net.






Jeff G.

[click]

Webroot spyhunter fantastic stuff

[BA.]

I had read about webroot last night in my searches about DL.EXE. I'm definitely going to check it out.
Hey Camarodude67, thanks for the tips. I do have a Linksys in place. You're right, it's the first line of defense! I gotta say though, Windows Defender isn't designed to prevent this kind of stuff. btw - it was a peer-peer that basically got me into this mess. Once in 8 years ain't so bad I guess. lol

Thanks for the tips guys!

[Steptoe]

I love these...a lot of my income comes from fixing , and 99% come thru customers accessing underground sites, porn hacking etc.

The best method is to run a reasonable virus scanner, set to delete syspect files.
AVG kav, afgast, free versions are all much of a muchness..

AND hyjacjthis is great for manual fix of most...
Run it before something happens, and list the good stuff , get familar with it
Wen the perverbial hits the fan, run it before reboot, it will show ofening files, it is able to disable in most cases, then in the reboot section, set to delete offending files on reboot, manually remove the Run enries in regedit current version/ MS/Windows
And reboot.

Some get a bit more tricky, like set your screen saver to a blue screen/rebooting, and dont let u get to screen save settings
Again these are easy fixed with a coupe manual changes in reedit and deleting the .scr screen save file in /system32

[camarodude67]

LOL, right Windows Defender is not the best protection, but glad to see you have the Router. People really dont understand that this blocks most ports from unwanted programs trying to hack into your computer.

Unfortunately Limewire opens "that port" and the hackers/viruses get through.

Good luck and it might be easier to just rebuild your computer and save you some time....

This is a basic system that I use and preach to others.

Linksys Router, Wireless Turned Off.
AVG Scanner
Windows Defender
Windows Automatic Updates Enabled
No Pier to Pier Networking Software..... Running that is.

Jeff G.
OK back to the cars....
69 Verts

[phel69]

The Linksys router is O.K. as a first line defense for being seperated to a lan from your wan address. As far as helping with avoiding viruses . It won't help. You need a good antivirus program. I have used AVG free, it is OK for free. I preferred Avast's free antivirus program, it had more tweaks for a free a/v program.
Against my better judgement I bought Windows Live One Care. It does a/v, spyware and firewall all in one package that is designed to work together. I got a 3 license cd for $29.00 for a 1 year subscription.
I didn't have high hopes BUT since I have been running it on my kid's laptops they have come up clean on all scans for over 6 months. It runs very discretely in the background and I really like it. It seems to work well with Windows since M$ft makes it, or at least a company they bought makes it

[Microgiant]

Check this one out as well. Its free and cleared off "Antivirus 2009 aka Doctor Antivirus" (which is bascially a extorsion scam) easily from my dads PC. Malwarebytes' Anti-Malware

[capt68]

I ran into the same problem last week and just got the computer back to normal. I loaded Spybot, Ad-Aware, both were the free versions. Then I tried to upgrade McAfee. Each one pointed me in the same general direction......purchasing a program. In the end, I purchased Spyhunter and RegCure. The trouble is over.

My problem was a Fake-Alert. When I tried to get on the internet, a balloon would pop up with an ad for various anti-virus programs. I did a Google search on the specific bug and the search led me in the right direction. I've been trying to find a program called "Hitman" so I can kill the S.O.B's that come develop these things.

Good luck

[Z15CAM]

I installed XP when it 1st came out and have never had to run another system installation. Yes I've been hit with viruses although I have AVG and Ad-Aware on the OS. I UpDate once a Month and run a System BackUp using Ghost.EXE through DOS to a spare HDD. If infected or the OS has a glitch, rather then repairing, I simply Over-Write the entire system which only take about 20 minutes. I only run the Virus Scanner and Ad-Aware prior to doing a system backup.

You can even dump a GHO image of your existing Software on a prepared HDD and run it on different Hardware providing your run an XP Repair installation over the Image before you boot. This loads the required Hardware drivers. I burn a Spanned GHO image to a Bootable CD or DVD with a Copy of the XP SetUp files in case my existing Hardware craps. All I do is insert the disc and have my system up and running with an hour on any hardware.

There is no need to run resource hogging Apps like System Restore or a Virus Scanner in the Back Ground. With a GHO BackUp you can be as reckless as you want with the System. I also use DOS Ghost.exe for Linux Operating Systems.

MS claims DOS Attacks are Dangerous because they loose complete Control of their Product - LOL

[BA.]

Update: looks like the 30-trial of McAfee VirusScan has cleaned me up.

I'll get me a permanent program like you guys mentioned!

[Z15CAM]

Very Simple: Learn to use DOS Ghost.EXE on a Bootable Floppy or CD Disc

I can Install and Boot Up VISTA or Linux with my own Programs onto any hardware in under an hour using DOS Ghost.EXE without an existing OS - so much for GUI, NTFS or Linux File Systems.

Do NOT Under Estimate the Power of DOS. Win 3.1 DELPART.EXE Dos 5.0 is a very Powerful Disc manager and can BUST any HDD for FDisk Preparation.

Disk Preparation for Partitioning and Formatting takes longer then Dumping a System onto a Hard Drive (HDD).