argh - I hardly escaped an total crash of my PC with millions of unsaved data - well the danger is not yet quite banned yet, but at least I saved a lot of data & later on will burn them on CD's or DVD -
What happened? - my PC gave a very uncommon beepy melody while starting it up - there came an alert box by my antivirus protection guard, telling me that there is a Trojan horse virus on my virus, demanding me to decide whether to quarantine, delete, make it unable to start or ignore it - I clicked on quarantine - the same box came with a beep again - so I clicked delete - the same box came with a beep again - so I clicked 'don't let it start' - hmm - the alert box didn't pop up again - but as I couldn't neither quarantine nor delete it I was still worried & started the antivir prog to search all my files for viruses - I the presets I set 'full search with all files' - & started the scanning of my 3 harddrive volumes on my PC (will its only one HD, but partitioned) - it needed more than one hour & finally it had found one virus and this trojan virus - it gave the option to delete them, but I could only delete the virus, not the trojan - there was a message, that either I don't have admin rights (which of course I do have) or that there is an program active that uses this file - at least there was the name of the bad trojan intruder written - it was: 'jkhff.dll' in the windows/system32 folder - so I tried to just go there & delete it there - well it wasn't deletable - 'access denied' - so I tried to rename it, change something in it's properties - always 'access denied' - well the trojan is already active - he uses that dll & so of course there is access denier - or was it even the antivir prog, that couldn't delete it, but may also made it impossible to even touch that trojan dll? - I shut down the antivir prog & tried to delete it again - again in vain..hmm - because I have on this PC (my new one) a big HD of about 180 GB I once installed there with a boot manager windows xp & also the old win98, because I had still some programs who work only with win98 –
Of course meanwhile I don't use this win98 anymore, but I can still start it - so I thought it a wise idea to start my PC with win98 & delete that file from there - hmm - but I had forgot that the win XP partition wasn't visible from win98, because the xp partition was formated with the newer NTFS file system - a system that win98 (under fat16 or fat32 file system) isn't able to recognize.
My hopes to get rid of that virus got smaller & my fear to lose a lot of important files grew - so then next thing I should do would be to save those data (it was more than I half year that I did that the last time) I started again win xp - beep beep the trojan virus alert - ok - but then I had the idea to go in the registry (with command 'regedit' & search there for that bad 'dll's' name - I found it 2 times there & removed it in both places from the registry - maybe now that jkhff.dll was gone or I could delete it after the next PC start - well I couldn't -
In fact after the next PC start, the antivir programm (which is like 'zonealarm' (a firewall) always present in the task bar) - hadn't started anymore - I tried to start it via the program's list, but it just didn't start - Ooh it was getting worse - I knew from other PCs from aquaintances, who got befallen by a virus & one of their first deeds was to make antivirus progs, firewalls etc. unable to start -
I tried to open the task manager (ctrl,alt,del) - didn't work - I tried to start another program, some other progs, nothing started anymore - ooh it was getting worse & worse - I couldn't even shut down my pc so had to do it the hard way.
New Start - still the same - no prog was startable anymore, but the folders were still reachable - so maybe a chance to still copy them via network to my older PC - hmm - they both have a firewall & to connect them I had to shut down the firewall on both PC's -
hmm - but that would maybe also transport the trojan virus - eager for mischief to my older PC - where I also have a lot af data & is my last possibility to reach internet
But I remembered when about 4 or 5 years ago when I had installed my new PC with boot manager & these 2 windows versions I also had reserved a lot of HD space for a Linux –system later on I never used it - it could be only started with a boot diskette you had to put in the PC before starting - & had vaguely in memory that you could reach these NTFS partitions under Linux - but where was the start diskette? - it used to lie always in front of that PC - at least 3 or years ago - but it was gone - I searched for half an hour tried a lot of unlabeled suspected diskettes - until finally I found it, labelled 'Linux Boot' - but then the PC couldn't read that diskette anymore - too bad - but there was a second diskette unlabeled disc under that - & tried that also - & aah - it was a copy of that one- I've been wise enough once to make a copy of it (but I should have labeled it too..)
Linux started - but then it asked me my administrator's password - how should I know what password I gave years ago - I tried some of my cheaper passwords, which I sometimes use for not so important things - it was the third of them (no the password wasn't 'thirdofthem') -
Inside Linux I could find some windows partitions, one NTFS, two FAT32 - I could find most of my data on one of them fat32 partitions, but couldn't find windows xp on the NTFS partition - so I couldn't delete the virus file even from here, but at least I could reach most of my data files & copied them to a Linux partition - except one important thing - my huge favorites list of important internet adresses I had meanwhile in AOL - it would be hard to find all those adresses again - but as AOL wasn't startable anymore, I couldn't make a save copy of my favorites anymore
To copy still some more files from 'own files' to that directory I could reach in Linux i restarted XP - but to my surprise antivirus had started again & also the programs could be started again - on the other hand the virus was still there & is now still there - at least I saved my favourites meanwhile & use the spare time to write this entry to release my frustration -
I have to rebuild my PC - & this time I will use no boot manager & will throw off that linux partitions, that are spending about 70 GB for nothing - I can't quite remember, whether I still have all that progs available - I'm used to hav e on my PC & it's still a long way to go.
Don't you think that a antivir programm should protect from getting viruses, not just telling you that there is a virus & than being even unable to remove it?
This antivir is a free program, but maybe I should change to another virus protector? - Or shouldn't maybe my firewall prevent from getting this plague?
But enough for today - I'll post this & then there's still a lot to do on my PC which will probably last for days..