Re: Download.Trojan

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 01/09/04

• Next message: Steve: "Re: virus scan stops working"
• Previous message: taff: "Re: Virus scanner"
• In reply to: ianatyeo_at_aol.com: "Download.Trojan"
• Next in thread: taff: "Re: Download.Trojan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 8 Jan 2004 19:23:49 -0500

1) If you are using WinME or WinXP, disable System Restore
            http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
2) Reboot your PC into Safe Mode
3) Using your AV software, perform a Full Scan of your platform and clean/delete any
            infectors found
4) Restart your PC and perform a "final" Full Scan of your platform
5) If you are using WinME or WinXP, re-enable System Restore, reboot the PC
6) If you are using WinME or WinXP, create a new Restore point
7) Please report back your results

In addition:
If you post to UseNet with your TRUE, not a munged, email address then you have now invited
the Swen worm to visit you.

The Swen is news spelled backwards. The reason it is called this is because the Swen worm
harvests email addresses from UseNet News Groups. It has an engine that allows it to post
itself to UseNet News Groups and well as it has its own email engine. From the list of
email addresses that it has harvested, it will then email itself to those addresses.

Dave

"ianatyeo@aol.com" <anonymous@discussions.microsoft.com> wrote in message
news:046c01c3d646$55754770$a501280a@phx.gbl...
| Following download of Norton Antivirus update a virus was
| detected on my system. It being 'Download.Trojan'
| According to a full system scan it had been on my system
| for nearly two weeks but hadn't been detected.
| I think I have located it in a file named wupdater.exe.
| But I cannot get it out of the system even after
| following all the advice I have been given. A full system
| scan finds it, but states it can't get rid of it.
| Any help would be great.!!!!!!!

---

• Next message: Steve: "Re: virus scan stops working"
• Previous message: taff: "Re: Virus scanner"
• In reply to: ianatyeo_at_aol.com: "Download.Trojan"
• Next in thread: taff: "Re: Download.Trojan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: 2 explorer.exe in my task manager ... If you are using WinME or WinXP, disable System Restore ... Reboot your PC into Safe Mode ... (microsoft.public.windowsxp.help_and_support) Re: 2 explorer.exe in my task manager ... If you are using WinME or WinXP, disable System Restore ... Reboot your PC into Safe Mode ... (microsoft.public.windowsxp.general) Re: Notepad.exe not working properly ... ... If you don't have c:\i386 but have the winXP CDROM, ... |> 2) If you are using WinME or WinXP, disable System Restore ... |> 3) Reboot your PC into Safe Mode ... (microsoft.public.windowsxp.general) Re: Request for Help VBS/Redolf.a virus ... | 5) If you are using WinME or WinXP, re-enable System Restore, reboot the PC ... (microsoft.public.security.virus) Re: Lsass.exe replacement ? ... If you are using WinME or WinXP, disable System Restore ... Reboot your PC into Safe Mode ... (microsoft.public.windowsxp.security_admin)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)