Re: Cannot delete 2 virus from computer
- From: killermiller30@xxxxxxxxx <killermiller30yahoocom@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 10 Jan 2006 11:51:04 -0800
Dave:
Your program cleaned out all but 1 virus. The UnSpyPC(filesafer23.exe) is
still running. Here is were the file is located: C:\windows\system
32\filesaver23.exe.
One of the reccomendations given was to check the registry and delete files
manually. One of the places to look was:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\Cmd
Mapping. I found something in this subdirectory on the right hand side of
page that may be the problem but not sure.
I have 3 entrees total.
1st line: default
2nd line: {FB5F1910-F110-11d2-BB9E-00C04F795683} REG_DWORD 0x00002000
(8192)
3rd line: Next ID REG_DWORD 0x00002001 (8193)
Rest of register appears to be normal.
Is this the source of my problem????
"David H. Lipman" wrote:
> From: "killermiller30@xxxxxxxxx" <killermiller30@xxxxxxxxx@discussions.microsoft.com>
>
> | My antivirus program has detected 2 virus on computer that cannot be removed.
> |
> | -Tojan Horse (howiper.exe)
> | -UnSpyPC (filesafer23.exe)
> |
> | I have followed the directions provided by Norton requiring me to delete
> | values from my the registery. It lists subkeys areas that the virus could be
> | found. Basically it states that I should delete any value that refers to
> | that particular file name. I have gone thru the subkeys but cannot idenify
> | anything related to my 2 problems.
> |
> | The more specific the better.
> |
> | Thanks
> | Can you refer me to another location that could address removal of these????
> | I do not want to delete anything out of the register by accident....
>
> There are anti virus News Groups specifically for this type of discussion.
>
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
>
> It always helps to indentify fully qualified path to the infectors, not just their names.
>
>
> Download MULTI_AV.EXE from the URL --
> http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
> FireWall to allow it to download the needed AV vendor related files.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in Normal Mode.
> This way all the components can be downloaded from each AV vendor's web site.
> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files or you can
> download the files and perform a scan in Normal Mode. Once you have downloaded the files
> needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want to run in Safe
> Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
> file. http://www.ik-cs.com/multi-av.htm
>
>
> * * * Please report back your results * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>
.
- Follow-Ups:
- Re: Cannot delete 2 virus from computer
- From: David H. Lipman
- Re: Cannot delete 2 virus from computer
- References:
- Re: Cannot delete 2 virus from computer
- From: David H. Lipman
- Re: Cannot delete 2 virus from computer
- Prev by Date: How to Remove .mdb files from Unsafe File List
- Next by Date: How to Stop NIS from Disabling Windows Firewall
- Previous by thread: Re: Cannot delete 2 virus from computer
- Next by thread: Re: Cannot delete 2 virus from computer
- Index(es):
Relevant Pages
|
