• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

quick question about a virus I have. (or dont)

Codasmd

Old School XPeriencer
#1
Hey,

I ran a virus scan from pcpitstop.com and it found The W32/Weird.10240.A Virus.

It said it "was found in file C:\System Volume Information\_restore{F2ED29EC-FC8D-4AD0-BC24-D3CFCC320FF0}\RP34\A0004047.exe"

...so I installed norton antivirus2002, ran it, and norton doesn't see it.

Any ideas on how to get rid of it or why norton can't find it?


Here is the url from pcpitstop:

http://www.secadministrator.com/Panda/Index.cfm?FuseAction=Virus&virusID=237

Thx

I'm running WinXP Pro
 

xsivforce

Prodigal Son
#3
Removal of this virus requires that you have a DOS boot disk or Windows Startup disk, and assumes that you be familiar with using basic DOS commands at the command prompt.

1. Insert a clean DOS floppy disk or Windows Startup disk into the floppy disk drive, and restart the computer.
2. At the prompt type the following two commands, pressing Enter after each one:

c:
cd windows
dir *.exe /a:h

All .exe files in the \Windows folder that have the hidden attribute are displayed.

NOTE: If Windows is installed in a different location, make the appropriate substitution when typing the first command.

3. Look for a file with a size of 10,240 bytes. The name of the file is generated by taking the computer name on the infected system and changing some of the characters. Write down the name of this file.
4. Type the following, and then press Enter after each one:

attrib <file name from step 3> -h
del <file name from step 3>

5. Type the following two commands, pressing Enter after each one:

del wininit.ini
del wininit.bak

6. Restart the computer.
7. Start Norton AntiVirus, and run LiveUpdate.
8. Run a full system scan. Attempt to repair any files that are infected with W32.Weird. If they cannot be repaired, you must delete them and restore them from a clean backup copy, or reinstall the deleted file.
 

Codasmd

Old School XPeriencer
#4
I'm not exactly sure what is meant by a clean DOS boot disk.

Is it the same as a quick boot disk?

What do I need to have on the floppy?
 

Codasmd

Old School XPeriencer
#6
Ok,

I just made MS-DOS startup disk via right clicking on the a drive in winex.....(which may be my problem)


then I went with the above mentioned instructions:

c:
cd winddows
dir *.exe /a:h

but at that, I'm not showing any hidden files......

wrong sort of boot disk?
 

Reg

eXperienced!
#7
We were having the same problem at my school with the same virus. The virus is a trojan that allows people to access your computer from the net (that was impossible at our school since we were behind a double NAT). We were able to remove the virus with Norton Corporate Edition.

I know that McAfee 6 can detect and remove the virus so if you still have problems, try McAfee.
 

Codasmd

Old School XPeriencer
#8
Well.....I went with the 'ole format and re-install. Needed to be done anyways.

Both norton and pcpitstop say that I'm virus free....(for now).

Thanks for the replies and suggestions.
 

Members online

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,247
Members
89,020
Latest member
saryrehgy