Re: agobot
From: deke (anonymous_at_discussions.microsoft.com)
Date: 12/19/03
- Next message: David H. Lipman: "Re: McAfee's Naming Convention of Computer Viruses, Worms and Trojans"
- Previous message: Bill Sanderson: "Re: McAfee's Naming Convention of Computer Viruses, Worms and Trojans"
- In reply to: David H. Lipman: "Re: agobot; spybot"
- Next in thread: David H. Lipman: "Re: agobot"
- Reply: David H. Lipman: "Re: agobot"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 19 Dec 2003 11:36:33 -0800
>-----Original Message-----
>You are confused - It's Trend's HouseCall, It's McAfee's
Stinger.
>
>As for the Registry - If you won't do it, take to a local
a service center. This is a Self
>Help forum. I can't reach out to your PC and make
modifications :-)
>
>Dave
>
>
>
>
>"deke" <anonymous@discussions.microsoft.com> wrote in
message
>news:00cd01c3c65f$fc4ddd60$a401280a@phx.gbl...
>>.
>| >McAffee's housecall, and TM's Stinger both found, but
>| could not remove worm. As previously mentioned, I am no
>| tech, and am terrified of editing the registry.
>
>
>.
>I'm not saying that I won't, just that I'm wary. At this
point, I have bought new McAfee basic AV software on CD,
and it would not install(or at least the scan console
would not start). I took your advice from another post
and tried it in safe mode. It is presently scanning.
Among other things, it has found one instance of
W32/Gaobot.worm.(g)en. The g in parenthesese could be a q,
I can't be sure, the name is underlined as a link,
obliterating the tail of the letter.
The file name is: C:\System Volume Information\_restore
{***}\RP10\A0005953,exe, where *** is a string of numbers,
digits, and dashes. I assume this to be a restore point,
which brings me to a problem(again). I cannot access
System Restore. When I try, I get an error message, and
there is no restore tab on the system properties box.
I'm trying not to ramble, just don't know what is
important or not.
One more thing, since this copy of McAfee was "off the
shelf" I feel that I probably need to update, but I can't
get on-line in safe mode.
AV has finished scanning now, and has found another
instance of the same worm in
C:\WINDOWS\system 32\wincffg.exe
Both have been deleted by AV
- Next message: David H. Lipman: "Re: McAfee's Naming Convention of Computer Viruses, Worms and Trojans"
- Previous message: Bill Sanderson: "Re: McAfee's Naming Convention of Computer Viruses, Worms and Trojans"
- In reply to: David H. Lipman: "Re: agobot; spybot"
- Next in thread: David H. Lipman: "Re: agobot"
- Reply: David H. Lipman: "Re: agobot"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
