Re: Last ditch question
From: Bill Sanderson (Bill_Sanderson_at_msn.com.plugh.org)
Date: 09/23/03
- Next message: John Griffin: "MSBlaster removal tool"
- Previous message: helper: "Re: welchia virus"
- In reply to: robin: "Re: Last ditch question"
- Next in thread: robin: "Re: Last ditch question"
- Reply: robin: "Re: Last ditch question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Sep 2003 00:04:40 -0400
How much work are you willing to do:
I manually removed such an infection on Friday morning on a WinMe machine.
I booted with a dos diskette.
I ran Smartdrv
I exported the registry to a text file on the C drive.
Restarted in safe mode.
Used wordpad to edit the text file according to Norton's descriptions of the
registry changes made by the Swen virus.
restarted from Dos floppy
ran smartdrv
imported the registry from the text file
This worked just fine. At the end of the day, when Norton released an
automated cleaner, it found a couple of files and registry entries I'd
missed or ignored.
You can do this--it is slow and tedious and fairly risky, in terms of
errors--but very possible.
It helps to know the name the Swen executable has on your machine--AVG has
given you that, I think.
"robin" <robin@tintagelonline_nospam_.com> wrote in message
news:b80401c38183$8d59fe50$a601280a@phx.gbl...
> Thank you "helper." You have been quite helpful, actually.
> Unfortunately, I have not had enough luck with AVG. It
> enabled me, eventually, to get back to my windows ME
> desktop, but few of the .exe's work. I can't even get into
> the registry.
>
> When AVG scanned in DOS, it found 9 instances of Swen, but
> did some pretty weird stuff when I tried to heal the
> files. I couldn't use my mouse, and when I tried to use
> the arrow keys to "select all," it would actually deselect
> the files then perform another scan, showing the same 9
> files still existing. At least, it enabled me to get back
> to my desktop, but it is clear to me that Swen is still on
> my laptop. This virus is a bitch, and whoever made it
> should be.... well, you decide.
>
> Do you know of any utility fixes that might work from the
> real DOS prompt?
>
> R~
>
>
>
>
> >-----Original Message-----
> >Have you tried creating "Rescue Disk" in AVG?
> >As i heard it helped someone here on this list.
> >It's under:
> >Service | Create Rescue Disk
> >It needs 3 disks.
> >
> >"robin" <robin@tintagelonline_NOSPAM_.com> wrote in
> message
> >news:09f501c38174$cbd15930$a401280a@phx.gbl...
> >> Does anyone know of a fix for swen that will run from
> the
> >> real DOS prompt? I have tried FixSwen and Stinger, but
> >> they will not run from real DOS. I have also run AVG,
> >> which detected 9 virus files, but would not let me
> select
> >> and clean them.
> >
> >
> >.
> >
- Next message: John Griffin: "MSBlaster removal tool"
- Previous message: helper: "Re: welchia virus"
- In reply to: robin: "Re: Last ditch question"
- Next in thread: robin: "Re: Last ditch question"
- Reply: robin: "Re: Last ditch question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
