On Monday, 19 November 2007, Ross S. W. Walker rwalker at medallion.com wrote: <snip>
You can fix it all from CentOS.
Ross: In addition to coming up with another slick way to fix this box, which I truly appreciate, you came up with the below:
You need to run some kind of rootkit detection and cleaner on the system before it reboots or else it will just reinstall itself.
Question: What would you suggest I run? Suggestions are most welcome and solicited! BTW, the system has been shut down and rebooted a bunch of times (in Linux) since the Trojan Horse hit. I have the AVG Free anti virus program running in Windows and it told me about the Trojan Horse and that the user32.dll file was damaged. It's possible that because the box is Spanish in Windows, I clicked incorrectly and made this problem much worse, but I'm not sure of that.
I would run all Windows accounts as restricted users from now on.
I'll try to figure out how to do that in WinXP. I won the box in a raffle and it has WinXP in Spanish, which is not my native language. If I need to reinstall everything (I believe I can avoid that, with the suggestions you and others on this mailing list have made), Dell sent me an English language WinXP CD, last week, and I'll install in English, if it comes to that.
All of your comments and suggestions are greatly appreciated! I am beginning to *hate* MS Windows, but there are still a few things we use it for. Lanny