Xp Virus - Help Appreciated

Status
This old topic is closed. If you want to reopen this topic, contact a moderator using the "Report Post" button.
Hi.

I am running Windows XP SP2 with Panda AV Platinum - all up to date.

Panda has reported 2 incidents of W32/DMSPatch.A.

Both appear to be registry entries pointing to this file :-
c\windows\system32\dmserver.dll

After a scan, Panda puts the virus on report but does nothing else.
During use, the virus is intercepted by Panda (red info box in corner) and says it has been neutralised and quarentined. However, the file is still there and nothing appears in quarentine.

I cannot rename the file, delete it or anything else even though 1 site suggests replacing with a clean copy.

Panda website states that it should delete the file!

Anyone come across this ??
Anyone suggest anything (oher than get a Mac!)

Andy
 
diyAudio Moderator Emeritus
Joined 2001
There are a lot of good computer people on here, but here are two sites which specialize in this sort of thing where I have gone successfully in the past.

aumha.net I have gone to many times. I am amazed at the lengths the people at aumha have gone to to help-realy detailed, step-by-step advice.

Castle Cops I have gone to only twice, but was quite pleased with the response.


www.aumha.net

www.castlcops.com
 
If the contents of an executable file, in this case a dll, are loaded in memory, the file gets locked by Win XP. When you open a DOS session in Win XP that is only emulation, since XP, unlike Windows 95 and 98, is not DOS based. To remove the offending file you need to boot the machine using MS DOS, DR DOS, or other OS that understands FAT32. That OS should be loaded from a diskette or USB device, if the BIOS on your board supports it.
 
Member
Joined 2005
Paid Member
Yes, Grimberg is correct.

You need to Boot to any recent version of DOS (I think 6.22 is latest)... I assumed you were booting to DOS. That access denied didn't sound right, as there should not be any accessibility issues with that file when booting into DOS.

Find and download a Win 95, 98 or Win ME boot disk. Boot to that DOS disk.

Then find your way to the file and delete, rename, or replace with a know good file and your set.
 
Problem Solved - I Hope !!!

Hi All,

Thanks for the help.

I had also come to the conclusion that I would have to boot to DOS . The only problem being that at the moment I am on a survey ship in the middle of the Indian Ocean and all the computers onboard are RedHat , WinXP or worse Vista !!

So I had to download a Win98SE image and burn a floppy.

Having done that and booted to C:\ , I was able to rename the offending file and replace with a clean version.

I am scanning as I write and so far all is well.


Thanks again
Andy
 
XP Virus

Hi Andy

Congrats:D Triumph over evil (with a little help from our friends). I run the same setup and same Panda antivir.

Spam has onbly been a very occasional problem but the last two weeks, developed into a veritable flood. At first, I hoped it would stop but it didn't. So, abvout a week ago. I started forwarding each one to my service provider (who can barely keep up with blacklist confirmations).

Anyway, I'm glad to reasd your prob's are no more. Happy festivities and a perfect 2009 to you and all diy'ers:cool:

bulgin
 
Status
This old topic is closed. If you want to reopen this topic, contact a moderator using the "Report Post" button.