trojan.wimad

<gsaliceti.DeleteThis@bellsouth.net> wrote in message
news:1189738009.277188.21870@y42g2000hsy.googlegroups.com...
> my dearest 17 year old downloaded a file that infected my computer
> with the trojan wimad (i am not computer literate and have spent
> almost 2 days trying to educate myself!!). I am unable to open
> any .exe file, therefore i can't download any reputable virus
> protection program (which i already bought and cant install) since my
> free AVG was worthless. Unfortunately (live and learn) I have not
> back-
> up my documents, etc, so I cant do that recovery thing because I will
> loose everything! I read something about registry but I am so lost.
> Is there a for dummies virus removal solution?
> Please HELP, I have already restricted use of ANY computer to my son!
> Thanks


The files listed here are all ZIP files, which contain a REG (Registry)
file. Download the ZIP and open it. Extract the REG file to your hard
disk and double click it. Answer yes to the import prompt. REG files
can be viewed in Notepad. Each of the REG files contains the default
settings for the file extension indicated. For the ZIP file fix, the
download is a REG file, since ZIP's aren't working anyway!

NOTE: If your EXE file associations are corrupted, it can be difficult
to open REGEDIT, or to even import REG files. To work around this,
press CTRL-ALT-DEL and open Task Manager. Once there, click File, then
hold down the CTRL key and click New Task (Run). This will open a
Command Prompt window. Enter REGEDIT.EXE and press Enter.
Thanks to Nigel Andrews for this tip.

Restore default association for EXE files:
http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip

Windows XP File Association Fixes:
http://www.dougknox.com/xp/file_assoc.htm

-jen
 >> Stay informed about: trojan.wimad 

"jen" <> wrote in message news:> <
> wrote in message news:
>> my dearest 17 year old downloaded a file that infected my computer
>> with the trojan wimad (i am not computer literate and have spent
>> almost 2 days trying to educate myself!!). I am unable to open
>> any .exe file, therefore i can't download any reputable virus
>> protection program (which i already bought and cant install) since my
>> free AVG was worthless. Unfortunately (live and learn) I have not back-
>> up my documents, etc, so I cant do that recovery thing because I will
>> loose everything! I read something about registry but I am so lost.
>> Is there a for dummies virus removal solution?
>> Please HELP, I have already restricted use of ANY computer to my son!
>> Thanks
>
>
> The files listed here are all ZIP files, which contain a REG (Registry)
> file. Download the ZIP and open it. Extract the REG file to your hard
> disk and double click it. Answer yes to the import prompt. REG files can
> be viewed in Notepad. Each of the REG files contains the default settings
> for the file extension indicated. For the ZIP file fix, the download is a
> REG file, since ZIP's aren't working anyway!
>
> NOTE: If your EXE file associations are corrupted, it can be difficult to
> open REGEDIT, or to even import REG files. To work around this, press
> CTRL-ALT-DEL and open Task Manager. Once there, click File, then hold
> down the CTRL key and click New Task (Run). This will open a Command
> Prompt window. Enter REGEDIT.EXE and press Enter.
> Thanks to Nigel Andrews for this tip.
>
> Restore default association for EXE files:
> http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip
>
> Windows XP File Association Fixes:
> http://www.dougknox.com/xp/file_assoc.htm
>
> -jen
I'm not sure how to remove wimad, but I don't think it will require a
re-install of Windows, and I definitely wouldn't recommend Jen's programs
that 'restore' your registry.
You say you bought antivirus software. Is there a possibility you can boot
from that CD? This may require hitting DEL or F2 or whatever your bootup
screen says for entering the BIOS and making CD a boot option prior to hard
drive bootup. Try just sticking the antivirus CD in the CD and turning the
computer on.
wimad is a trojan from 2005 that you download as a music file, or media file
that exploit's Windows Media Player DRM problem.
A second suggestion is to turn off Windows System Restore feature, then
re-boot in safe mode (hit F8 as booting about every second, and choose safe
mode when the option screen comes up.) Then you may be able to install and
run your purchased anti-virus.
 >> Stay informed about: trojan.wimad 

Jen's advice is correct. Re-read the question.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



"Russg" <russgilb.RemoveThis@MUNGEsbcyahoo.net> wrote in message
news:gwCGi.2734$ZA5.2593@nlpi068.nbdc.sbc.com...
>
> "jen" <> wrote in message news:> <
>> wrote in message news:
>>> my dearest 17 year old downloaded a file that infected my computer
>>> with the trojan wimad (i am not computer literate and have spent
>>> almost 2 days trying to educate myself!!). I am unable to open
>>> any .exe file, therefore i can't download any reputable virus
>>> protection program (which i already bought and cant install) since my
>>> free AVG was worthless. Unfortunately (live and learn) I have not back-
>>> up my documents, etc, so I cant do that recovery thing because I will
>>> loose everything! I read something about registry but I am so lost.
>>> Is there a for dummies virus removal solution?
>>> Please HELP, I have already restricted use of ANY computer to my son!
>>> Thanks
>>
>>
>> The files listed here are all ZIP files, which contain a REG (Registry)
>> file. Download the ZIP and open it. Extract the REG file to your hard
>> disk and double click it. Answer yes to the import prompt. REG files
>> can be viewed in Notepad. Each of the REG files contains the default
>> settings for the file extension indicated. For the ZIP file fix, the
>> download is a REG file, since ZIP's aren't working anyway!
>>
>> NOTE: If your EXE file associations are corrupted, it can be difficult
>> to open REGEDIT, or to even import REG files. To work around this, press
>> CTRL-ALT-DEL and open Task Manager. Once there, click File, then hold
>> down the CTRL key and click New Task (Run). This will open a Command
>> Prompt window. Enter REGEDIT.EXE and press Enter.
>> Thanks to Nigel Andrews for this tip.
>>
>> Restore default association for EXE files:
>> http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip
>>
>> Windows XP File Association Fixes:
>> http://www.dougknox.com/xp/file_assoc.htm
>>
>> -jen
> I'm not sure how to remove wimad, but I don't think it will require a
> re-install of Windows, and I definitely wouldn't recommend Jen's programs
> that 'restore' your registry.
> You say you bought antivirus software. Is there a possibility you can
> boot from that CD? This may require hitting DEL or F2 or whatever your
> bootup screen says for entering the BIOS and making CD a boot option prior
> to hard drive bootup. Try just sticking the antivirus CD in the CD and
> turning the computer on.
> wimad is a trojan from 2005 that you download as a music file, or media
> file that exploit's Windows Media Player DRM problem.
> A second suggestion is to turn off Windows System Restore feature, then
> re-boot in safe mode (hit F8 as booting about every second, and choose
> safe mode when the option screen comes up.) Then you may be able to
> install and run your purchased anti-virus.
>
>
 >> Stay informed about: trojan.wimad 

"Russg" <russgilb.DeleteThis@MUNGEsbcyahoo.net> wrote in message
news:gwCGi.2734$ZA5.2593@nlpi068.nbdc.sbc.com...
> "jen" <> wrote in message news:> <
>> wrote in message news:
>>> my dearest 17 year old downloaded a file that infected my computer
>>> with the trojan wimad (i am not computer literate and have spent
>>> almost 2 days trying to educate myself!!). I am unable to open
>>> any .exe file, therefore i can't download any reputable virus
>>> protection program (which i already bought and cant install) since
>>> my
>>> free AVG was worthless. Unfortunately (live and learn) I have not
>>> back-
>>> up my documents, etc, so I cant do that recovery thing because I
>>> will
>>> loose everything! I read something about registry but I am so lost.
>>> Is there a for dummies virus removal solution?
>>> Please HELP, I have already restricted use of ANY computer to my
>>> son!
>>> Thanks
>> The files listed here are all ZIP files, which contain a REG
>> (Registry) file. Download the ZIP and open it. Extract the REG file
>> to your hard disk and double click it. Answer yes to the import
>> prompt. REG files can be viewed in Notepad. Each of the REG files
>> contains the default settings for the file extension indicated. For
>> the ZIP file fix, the download is a REG file, since ZIP's aren't
>> working anyway!
>> NOTE: If your EXE file associations are corrupted, it can be
>> difficult to open REGEDIT, or to even import REG files. To work
>> around this, press CTRL-ALT-DEL and open Task Manager. Once there,
>> click File, then hold down the CTRL key and click New Task (Run).
>> This will open a Command Prompt window. Enter REGEDIT.EXE and press
>> Enter.
>> Thanks to Nigel Andrews for this tip.
>> Restore default association for EXE files:
>> http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip
>> Windows XP File Association Fixes:
>> http://www.dougknox.com/xp/file_assoc.htm
> I'm not sure how to remove wimad, but I don't think it will require a
> re-install of Windows, and I definitely wouldn't recommend Jen's
> programs that 'restore' your registry.
> You say you bought antivirus software. Is there a possibility you can
> boot from that CD? This may require hitting DEL or F2 or whatever
> your bootup screen says for entering the BIOS and making CD a boot
> option prior to hard drive bootup. Try just sticking the antivirus CD
> in the CD and turning the computer on.
> wimad is a trojan from 2005 that you download as a music file, or
> media file that exploit's Windows Media Player DRM problem.
> A second suggestion is to turn off Windows System Restore feature,
> then re-boot in safe mode (hit F8 as booting about every second, and
> choose safe mode when the option screen comes up.) Then you may be
> able to install and run your purchased anti-virus.

OP can't boot with a NAV CD, which is what the OP bought. And OP can't
install and run *any* AV until OP's EXE file association is restored...
that is the first thing to be done. The link I posted provides a simple
restoration of the EXE file association(from a respected source), since
OP is afraid of editing the registry. Did you even read the part where
OP is unable to run EXE files(a common malware effect)? Your
comprehension is a bit lacking, I'm afraid

-jen
 >> Stay informed about: trojan.wimad 

I have never encountered these problems.
Pardon. Take Jen's advice, sounds good to me.
 >> Stay informed about: trojan.wimad 

Jen seems to know more about the OP and the wimad trojan than is presented
in the thread (OP has bought Norton Antivirus) I've never heard of an
inability to open any .exe file, this is true even in Safe mode.... also in
command c: prompt mode?
I'll just give Symantec Removal wimad instruction URL:
http://www.symantec.com/security_response/writeup.jsp?docid=2005-01121...709-99&

Since wimad causes download and execution of other files, the results could
be the corruption of the registry.
 >> Stay informed about: trojan.wimad