Re: 6 viruses on 2 files
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 12/01/03
- Next message: Michael Engelbrecht: "Re: svchost dies"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Reply: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 30 Nov 2003 21:39:05 -0500
Mike:
We can't assume what you mean nor read your mind so the following was extremely important to
note..
| By "thorwing a rod" I mean every time I run NAV, it
| reports that these files are infected and cannot delete
| them b/c "access is denied".
Try hitting "Ctrl-Alt-Del" and bring up the TaskManager. Look through the list of running
applications.
Do you see w32x386u ?
If you do see it in the list, shut it down then delete the file in the dllcache directory.
Please read the following URLs:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.cloner.html
http://securityresponse.symantec.com/avcenter/venc/data/w32.tzet.worm.html
http://securityresponse.symantec.com/avcenter/venc/dyn/27381.html
http://securityresponse.symantec.com/avcenter/venc/dyn/36096.html
http://securityresponse.symantec.com/avcenter/venc/data/irc.trojan.html
Dave
<anonymous@discussions.microsoft.com> wrote in message
news:031701c3b7b0$e315ce10$a501280a@phx.gbl...
| By "thorwing a rod" I mean every time I run NAV, it
| reports that these files are infected and cannot delete
| them b/c "access is denied".
|
| The viruses are W32.Tzet.Worm, BAT.Trojan,
| Backdoor.IRC.Cloner, IRC.Backdoor.Trojan and IRC Trojan.
|
| I am not that computer savvy but it appears that NAV (I
| have the the 2004 version) wiped out all the other files
| harmed by these viruses except the two I noted below.
|
| You are correct it is WINNT and not WINNIT.
|
| I double checked the file - it's 0313.INS, whatever that
| means. If I run properties on that particular file, it
| tells me that "access is denied" and all the above
| mentioned viruses are tagged again by NAV.
|
| What do I do?
|
| >-----Original Message-----
| >Mike:
| >
| >What does "...Norton software is throwing a rod over
| these two files" mean ?
| >
| >If you are using NAV, what is the name of the viruses
| that NAV calls it/them ?
| >
| >Are you using NT4 ?
| >
| >Is this a mistype "WINNIT/System32/dllcache" and should
| read "WINNT/System32/dllcache" ?
| >
| >I haven't heard of any infector infecting .INS files. Is
| this a typo and do you mean
| >0313.ini (.INI) file ?
| >
| >You really haven't supplied enough information to help
| you...yet.
| >
| >Dave
| >
| >
| >
| >"Mike" <anonymous@discussions.microsoft.com> wrote in
| message
| >news:036b01c3b7ad$01df9140$a301280a@phx.gbl...
| >| I'm cooked. I have two files in
| WINNIT/System32/dllcache
| >| and they are w32x386u.exe and 0313.ins and they are both
| >| chock full of viruses. My Norton software is throwing a
| >| rod over these two files. Are they safe to delete? Are
| >| they Microsoft files? Please help.
| >
| >
| >.
| >
- Next message: Michael Engelbrecht: "Re: svchost dies"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- In reply to: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Reply: anonymous_at_discussions.microsoft.com: "Re: 6 viruses on 2 files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
