Re: Backdoor.Ircbot.AV infection
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/24/03
- Next message: Jason: "Re: virus"
- Previous message: melvin: "Re: Backdoor.Ircbot.AV infection"
- In reply to: melvin: "Re: Backdoor.Ircbot.AV infection"
- Next in thread: melvin: "Re: Backdoor.Ircbot.AV infection"
- Reply: melvin: "Re: Backdoor.Ircbot.AV infection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 24 Nov 2003 13:14:29 -0500
Melvin:
Not knowing how the reporting is done in AVG I don't know why you still have an infected
file.
If you turned off System Restore, rebooted and the performed a scan and the scan was clean.
How can it report an infected file ?
When you re-enabled System Restore it is empty. When you created a new Restore Point it
will then have a snapshot of your PC at that time. It should be clean. So I don't know
what is happening or was is being reported.
Dave
"melvin" <anonymous@discussions.microsoft.com> wrote in message
news:02c301c3b2b4$0ed36be0$a301280a@phx.gbl...
| Hello David;
| Thanks for the quick response. I followed your
| instructions up to and including "Create a New System
| Restore Point". This went OK. When I ran the AV package,
| it reported no virus infection found. However, when I look
| in the Test Results, of the AVG package, and click on one
| of the files that is highlighted in red and click Detail
| Info, it still states I have an infected file. Please let
| me know what my my next step should be, if any. Thanks in
| advance. I really appreciate the help.
| melvin
| ------------------------------------
| >-----Original Message-----
| >Please read the following URL:
| >http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.ht
| m
| >
| >The objective:
| >------------------
| >- Turn off the System Restore function
| >- Reboot the PC
| >- Using your AV package, perform a full scan of all files
| on the platform and clean/delete
| > infectors found
| >- Turn on the System Restore function
| >- Reboot the PC
| >- Create a new System Restore point.
| >
| >If you have problems, it can be done manually....
| >
| >Use the WinME floppy boot disk and boot from drive "A:"
| >When you get to a DOS prompt enter the following command
| >
| >attrib -r -s -h c:\_RESTORE
| >rename c:\_RESTORE c:\RESTORE.old
| >
| >Reboot the PC.
| >
| >In Windows delete the folder; c:\RESTORE.old
| >
| >Please report back your results.
| >
| >Dave
| >
| >
| >"melvin" <anonymous@discussions.microsoft.com> wrote in
| message
| >news:02ce01c3b224$0fe8d5f0$a301280a@phx.gbl...
| >| Hello;
| >| AVG Antivirus informed me that my machine was infected
| >| with the subject virus. I suspect it got into my machine
| >| because I had not updated the virus file. I am running
| >| Windows ME so I did a System Restore to an earlier date
| >| which seems to got rid of it. When I look in the Test
| >| Results in AVG, it states I have infected files named:
| >| C:\_Restore\Temp\A0149115 and A0149116. Was it an OK
| >| procedure to use System Restore? Should I delete the
| >| infected files or just leave them alone? As far as I can
| >| determine my machine runs OK. Thanks for you help in
| >| advance.
| >
| >
| >.
| >
- Next message: Jason: "Re: virus"
- Previous message: melvin: "Re: Backdoor.Ircbot.AV infection"
- In reply to: melvin: "Re: Backdoor.Ircbot.AV infection"
- Next in thread: melvin: "Re: Backdoor.Ircbot.AV infection"
- Reply: melvin: "Re: Backdoor.Ircbot.AV infection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
