Re: a new virus??

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 10/09/04

Next message: Cris: "Re: a new virus??"
Previous message: anja: "Re: a new virus??"
In reply to: anja: "a new virus??"
Next in thread: anja: "Re: a new virus??"
Reply: anja: "Re: a new virus??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 9 Oct 2004 13:14:17 -0400

1) Download the following two items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt192.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) If you are using WinME or WinXP, disable System Restore
            http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
3) Reboot your PC into Safe Mode
4) Using the Trend Sysclean utility, perform a Full Scan of your platform and
        clean/delete any infectors found
5) Restart your PC and perform a "final" Full Scan of your platform
6) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
            System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
7) Reboot your PC.
8) If you are using WinME or WinXP, create a new Restore point
9) Please report back your results

Dave

"anja" <anja@discussions.microsoft.com> wrote in message
news:42D21C26-9967-4C9F-9660-2E78EF3AEE7A@microsoft.com...
| hi everybody!
| could someone help me? i have norman virus program and firewall, but it
| found a new virus and cannot remove it. the new virus is: W32/gaobot.AED.
| please, help me. i'm in a panic and don't know what to do. does someone else
| this same problem?
| thank you forward.
| anja

Next message: Cris: "Re: a new virus??"
Previous message: anja: "Re: a new virus??"
In reply to: anja: "a new virus??"
Next in thread: anja: "Re: a new virus??"
Reply: anja: "Re: a new virus??"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Backdoor.MLink
... (e.g., "c:\New Folder") ... Download sysclean.com and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ... | Event: Virus Found! ...
(microsoft.public.security.virus)
Re: Is anyone experience like this? How did you removed this threat?
... | i'm not sure if these is the right place to post virus problems, ... | infected by backdoor these time on volume C. system restore. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
(microsoft.public.windowsxp.general)
Re: virus problem
... > prompts me to this virus but cannot delete it. ... *not* contained only in System Restore points. ... Mode with TrendMicro's Sysclean: ... Create a new folder on your Desktop or the C: ...
(microsoft.public.windowsxp.security_admin)
Re: Homepage hijack - blank.mht
... One extra symptom of this virus -- it seems to have a clock wakeup - after ... The only folder under that folder should be the latest version. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
(microsoft.public.windowsxp.general)
Re: heretofind problem
... (e.g., "c:\New Folder") ... Download sysclean.com and place it in that directory. ... If you are using WinME or WinXP, disable System Restore ...
(microsoft.public.scripting.virus.discussion)