0 Replies Latest reply on Apr 21, 2010 3:01 AM by arifft

    Operating Sytem

      Dear Friends

       

      I wonder if you can be kind enough to offer some advice on a recent bad event that took place on my laptop over the weekend.


      Recently I have a trojan/virus/malware (not sure which species) attack despite having a an antivirus software (McAfee) on my laptop. I knew  my laptop was infected because McAffe warned me to the effect that my pc has been compromised. Further i received a popup message that states some components of McAfee (exe file) encountered problems and has to be aborted. Running a full scan hangs McAfee. I resorted to restoring my system drive using a backup image which I created before my laptop was infected and works fine as a temporary solution.


      After a few failed attempts to disinfect and reinstalled the antivirus software, I informed McAfee about the infection and they remotely accessed my laptop to remove the threat and reinstalled McAffee. However, after restarting my laptop (i.e. after the disinfection process and reinstallation of McAfee),  I experienced similar incidences when i personally disinfect and reinstalled McAffee i.e.


      # I noticed that the laptop has difficulty making wifi connection (as indicated from the wifi icon on the task bar) and thus I cannot go on line.


      # My windows was not running properly and hangs frequently. For example I could not open My Computer and Network Folders or it hangs upon accessing them.


      # Upon shutting down, the laptop displays a lot of "ending program....." messages appeared and does not shut down immediately / it hanged. I had to do a hard shutdown.

       


      I informed McAfee about the matter. Initially they thought  it was a windows problem or a problem with the internet service provider.


      However  upon mentioning to them that the "ending program..." messages upon shutting down includes ending "dll" and "explorer" components messages, the McAfee technician immediately suspected that a trojan had replicated my dll and exe files and he directed me to take some initial steps through the phone to restore my wifi  for him to remotely access my laptop.


      His preliminary actions has returned my laptop to working order with the reinstalled McAfee at that instant. Howver I have refrained from using the laptop as the technician shall continue working on my laptop tomorrow.


      As

       

      # the "dll" and "explorer" files referred to above are components of the operating system (Windows XP in my case),

      # restoring my system image files (using Norton Ghost 14) created before the infection happened and


      # "disinfection" process followed by re-installation of the antivirus software by McAfee technician

       

      does not immediately resolve my problem, a thought strikes me to avert similar incidences in the future.


      That is, to have two OSs in my laptop, one working and one spare (i.e. redundant) so that in the event one is corrupted I could boot using the spare/redundant OS residing in my laptop (presuming its dll and explorer files are intact / not affected by the "trojan") as having an image of my system file before it was infected doesn't fully guarantee that my OS is in good order. The two OSs if possible are identical  or they can be different e.g. one is Windows 7 & and the other Vista (one of them is redundant for emergency purposes).


      I would appreciate your advice if the  strategy of having two OSs in my laptop shall achieve my above mentioned objective.


      Regards