Sunday, June 21, 2009

Nasty rootkit/spyware virtumonde

You can read a lot about antivirus and antispyware software failing to keep up with the explosive growth of viruses on the net. For the first time, I saw all of that software really fail to remove a virus, even though it knew the virus was there.

My first encounter with this spyware was a few weeks ago (on a machine that was not my own). I lost an entire day searching for a remedy, which resulted in nothing. My first try was a basic scan with the available software (NOD32 and SpyBot), which detected the virus but couldn't do anything to remove it. Trying in safe mode was the obvious next step. I was surprised to see that virtumonde loaded even in safe mode, so I couldn't remove it there either. Then I began my search on the net, hoping to find some quick solution (time is precious). Hours of trying to remove it from startup, various virtumonde "fixes", and other antivirus and antispyware software ended in nothing.
I was really determined not to surrender to this nasty piece of software, so I had one last hope: isolate XP and remove the damn thing manually. I booted the mini version of XP from Hiren's Boot CD, with which I hoped to remove virtumonde while it wasn't active. I had located the files and registry keys in advance (from the SpyBot scan). And finally, when I deleted the files, removed the registry keys and booted up the machine, the virus was gone! :D

To sum things up, the spyware is nasty, really nasty. I haven't seen any other spyware that was more persistent than this. If you get infected by something like this, you end up either formatting your drive or removing it manually like I did. There may be other, perhaps easier, ways to overcome this problem, but here's one solution that worked for me:
1. Scan the system with SpyBot and locate the files that it found
2. Delete them with SpyBot and reboot the system
3. Boot mini XP with Hiren's boot CD
4. Now go to the Windows system folder (or wherever the files were reported) and sort the files by modification date. Because we deleted the files in step 2, the virus should have recreated them. So this is a quick way to identify all of its files, since they are the most recently created ones.
5. Remove these files and any other files that were reported in step 1
6. Reboot the system and do a final scan with SpyBot to make sure it is completely removed
7. You should be very happy now. :D
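Step 4 can be scripted if the rescue system has PowerShell. The following is an added example, not code from the original post: it lists the files most recently created under an offline Windows install and records their SHA-256 hashes so they can be compared with the files reported in step 1. It assumes the infected disk is mounted at a drive letter on the rescue system; `D:\Windows` is a constructed placeholder.

```powershell
# Added example (not from the original post): automate step 4 of the procedure
# above, i.e. find the files most recently created under an offline Windows
# install and record their hashes for comparison with the step 1 report.
# Assumption: the infected disk is mounted at a drive letter on the rescue
# system; 'D:\Windows' below is a constructed placeholder.
function Get-RecentSystemFiles {
    param(
        [string]$WindowsRoot = 'D:\Windows',
        [int]$Hours = 24   # look-back window; widen it if the reboot was earlier
    )

    $cutoff = (Get-Date).AddHours(-$Hours)
    # The post reports the files in the Windows system folder; check both levels.
    $dirs = @($WindowsRoot, (Join-Path $WindowsRoot 'system32'))

    Get-ChildItem -Path $dirs -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $cutoff -or $_.LastWriteTime -ge $cutoff } |
        Sort-Object CreationTime -Descending |
        ForEach-Object {
            [pscustomobject]@{
                Created  = $_.CreationTime
                Modified = $_.LastWriteTime
                Bytes    = $_.Length
                Sha256   = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
                Path     = $_.FullName
            }
        }
}

# Review the list by eye before deleting anything: Windows Update and the
# anti-spyware scan itself also leave freshly written files in these folders.
Get-RecentSystemFiles | Format-Table -AutoSize
```

Timestamps alone are weak evidence, since malware can set them to whatever it likes, so let a match with the step 1 file list or a known-bad hash decide what gets deleted rather than the date.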

Friday, June 12, 2009

Unable to load OfficePluginRes.dll

I haven't seen many solutions for this on the net, so here's my own workaround.

There are some "addins" that are used by all Office programs, and apparently the Contribute plugin somehow got broken on my system.

The error when starting any of the Office programs might look something like this:
"Unable to load OfficePluginRes.dll. Contribute may not be installed properly."

The fix is to disable the loading of this addin by simply doing the following:
1. Run regedit
2. Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\
3. Pick your program where the error occurs (in my case Outlook)
4. Open: Adobe.Contribute.OfficePlugin
5. The DWORD value "LoadBehavior" should be set to 3. Change it to 0.

This should be a quick fix to get rid of that nasty message.