Re: Removing infected files from system restore
From: Patti MacLeod (pam120_at_nospamshaw.ca)
Date: 06/24/04
- Next message: David Candy: "Re: netsh"
- Previous message: Jamal Mubarik: "USB stopped working after upgrade to WIN XP Pro"
- In reply to: lorne: "Re: Removing infected files from system restore"
- Next in thread: Alex Nichol: "Re: Removing infected files from system restore"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 23 Jun 2004 22:00:28 -0400
Symantec has a removal tool for that worm:
http://tinyurl.com/342ky
Regards,
-- Patti MacLeod Microsoft MVP - Windows Shell/User "lorne" <stoner_123@hotmail.com> wrote in message news:e$lO11YWEHA.2576@TK2MSFTNGP10.phx.gbl... > it was a 2 fold question... the nasty worm is everywhere!! > thanks > > "Patti MacLeod" <pam120@nospamshaw.ca> wrote in message > news:u1a9tmYWEHA.1368@TK2MSFTNGP10.phx.gbl... > > From the subject line that you entered, I thought that the infected files > > were in System Restore. > > > > Disable AVG before running another virus scan, such as Housecall. It may > be > > that AVG has falsely detected the bagle.n worm (and the absence of the > > running process in Task Manager, combined with not finding anything in the > > Run folder seems to suggest that your system is not infected), so I would > > highly suggest running Houscall again, or even Panda's Active Scan. > > > > > > > > Regards, > > > > -- > > Patti MacLeod > > Microsoft MVP - Windows Shell/User > > > > "lorne" <stoner_123@hotmail.com> wrote in message > > news:uQg8LIYWEHA.3972@TK2MSFTNGP12.phx.gbl... > > > Thanks, but what if they are not in the system restore folder? Lots are > > in > > > the c:\windows\system32\dllcache folder and the c:\windows\wt folder! > > > I tried stinger and housecalls but everytime it gets to those folders, > avg > > > pops up and says to run avg. avg finds them but cannot remove them. So > i > > > go to ctrl-alt-del to shut down the processes but nothing is abnormal > > there. > > > I also did the regedit and looked in the run folder, but nothing > abnormal > > > there either. > > > Any suggestions? > > > > > > Thanks again > > > > > > > > > "Patti MacLeod" <pam120@nospamshaw.ca> wrote in message > > > news:uc$kpBYWEHA.556@tk2msftngp13.phx.gbl... > > > > Hi lorne, > > > > > > > > If the infected files are in the system restore checkpoint files, the > > only > > > > way to get rid of them is to turn off System Restore (which clears ALL > > > > Restore points), restart the computer, and then turn on System > Restore. > > > > Instructions for this are available in this MSKB article: > > > > http://support.microsoft.com/default.aspx?scid=310405 > > > > > > > > > > > > Regards, > > > > > > > > -- > > > > Patti MacLeod > > > > Microsoft MVP - Windows Shell/User > > > > > > > > "lorne" <stoner_123@hotmail.com> wrote in message > > > > news:ed9VT7XWEHA.3944@tk2msftngp13.phx.gbl... > > > > > hi all, > > > > > my avg keeps telling me i have bagle.n worm. i followed > instructions > > > from > > > > > various websites however, they all say to stop the process first. > > When > > > i > > > > do > > > > > ctl-alt-del, the files they say to stop are not there. > > > > > I was told that once the virus has spread, teh best solution is to > > > > reformat > > > > > and reinstall everything. Is this true? > > > > > > > > > > thanks > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
- Next message: David Candy: "Re: netsh"
- Previous message: Jamal Mubarik: "USB stopped working after upgrade to WIN XP Pro"
- In reply to: lorne: "Re: Removing infected files from system restore"
- Next in thread: Alex Nichol: "Re: Removing infected files from system restore"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
