Re: Trojan.Dropper.Funweb.A
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/14/04
- Previous message: Bud Z: "Trojan.Dropper.Funweb.A"
- In reply to: Bud Z: "Trojan.Dropper.Funweb.A"
- Next in thread: Bud Z: "Re: Trojan.Dropper.Funweb.A"
- Reply: Bud Z: "Re: Trojan.Dropper.Funweb.A"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 14 Nov 2004 16:56:20 -0500
Bud Z:
First dump the contents of the IE cache..
start --> settings --> control panel --> Internet options -->
Choose; Delete files
Choose; Settings Set the size of the cache to ~10MB. You don't need any more.
Then...
1) Download the following two items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download SYSCLEAN.COM and place it in that directory.
Download the signature files (pattern files) by obtaining the ZIP file.
For example; lpt246.zip
Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.
2) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
3) Reboot your PC into Safe Mode
4) Using the Trend Sysclean utility, perform a Full Scan of your platform and
clean/delete any infectors found
5) Restart your PC and perform a "final" Full Scan of your platform
6) If you are using WinME or WinXP, Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
7) Reboot your PC.
8) If you are using WinME or WinXP, create a new Restore point
9) Please report back your results
Dave
"Bud Z" <lzimmerman1@cfl.rr.com.invalid> wrote in message
news:e%23O9CHpyEHA.3368@TK2MSFTNGP15.phx.gbl...
| I have BitDefender Pro virus software version 7.2.
| When I run the virus scan I keep getting this infected file even though the
| last time I ran it, it deleted it.
| Example:
| "tempory internet files\content
| Ie5\QLYTOD8X\SmileyCentralInitialSetup1.0.0.8[1].cab=>f3setup1.exe"
| I run a search including system and operating files from windows explorer to
| delete this file but can't locate this cab file.
|
| Anybody help with this?
|
| Bud Z
|
|
- Previous message: Bud Z: "Trojan.Dropper.Funweb.A"
- In reply to: Bud Z: "Trojan.Dropper.Funweb.A"
- Next in thread: Bud Z: "Re: Trojan.Dropper.Funweb.A"
- Reply: Bud Z: "Re: Trojan.Dropper.Funweb.A"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
