Re: W95.Henky.Gen
From: Tony (arpeco_at_hotmail.com)
Date: 01/08/04
- Next message: Tom Pepper Willett: "Re: Office Apps open very slow"
- Previous message: David H. Lipman: "Re: virus scan stops responding"
- In reply to: David H. Lipman: "Re: W95.Henky.Gen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 8 Jan 2004 16:23:19 -0600
Thanks, David,
I followed your instructions to the letter. I scanned using the most
intensive settings available each time. NAV found no virus. It concerns me
in that I don't where it went. But apparently my system is currently
virus-free. As for the corrupted second drive, I've physically removed it
from the machine. I'm not sure I want to put it back. In the meantime I
need to find a way to attempt recovery of the data. I was using the drive
as a backup thinking that being physically separated from the system drive
was a safe way to go. Live and learn, eh?
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eZVOdje1DHA.540@tk2msftngp13.phx.gbl...
> Symantec doesn't provide much info on this -
> http://securityresponse.symantec.com/avcenter/venc/dyn/28981.html
> But if it is a version of the Henky.Trojan -
> http://securityresponse.symantec.com/avcenter/venc/dyn/28992.html
> Than it mucks with the hard disk and chances are it may be unrecoverable.
>
> 1) If you are using WinME or WinXP, disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> 2) Reboot your PC into Safe Mode
> 3) Using your AV software, perform a Full Scan of your platform and
clean/delete any
> infectors found
> 4) Restart your PC and perform a "final" Full Scan of your platform
> 5) If you are using WinME or WinXP, re-enable System Restore, reboot
the PC
> 6) If you are using WinME or WinXP, create a new Restore point
> 7) Please report back your results
>
>
> Dave
>
>
>
>
> "Tony" <anonymous@discussions.microsoft.com> wrote in message
> news:044b01c3d5e0$dbe00c70$a001280a@phx.gbl...
> | I'm running WinXP Pro, NTFS with several users set up. I
> | have Norton Internet Security and Anti-Virus installed and
> | configured for auto-updates. I was logged on and then
> | logged on a second user who needed to use the internet.
> | When they logged off and I went back to my desktop there
> | was a message from Norton that 'C:\Program
> | Files\Messenger\msmsgs.exe' had a virus: 'W95.Henky.Gen'
> | and could not be repaired. It would be disabled.
> | According to Norton's web site, this virus attacks .EXE
> | files. Not a good thing! But they had no further info on
> | it. I then attempted a full system scan under windows
> | which resulted in a blue screen/mem dump. When I tried to
> | boot off the NAV CD I was told it couldn't check
> | compressed files. After restarting normally, then
> | checking in Explorer my second physical Hard Drive (D:,
> | E:, F:) was apparently no longer formatted, I was asked if
> | I wanted to format now. Also the C: drive went from being
> | nearly fragmentation free to seriously fragmented. I
> | removed the second drive. I've updated my virus
> | definitions and re-run a full system scan. The system is
> | apparently virus-free. Where did the virus go? Can I
> | recover my data on the second drive?
>
>
- Next message: Tom Pepper Willett: "Re: Office Apps open very slow"
- Previous message: David H. Lipman: "Re: virus scan stops responding"
- In reply to: David H. Lipman: "Re: W95.Henky.Gen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
