| Next: F-prot |
| Author |
Message |
Buddy B
External
Since: Mar 02, 2005
Posts: 8
|
 Posted: Wed Feb 23, 2005 8:41 pm Post subject: Trojan in c:windows. I can`t delete and neither can F-prot For Windows.
Imported from groups: alt>comp>anti-virus (more info?) |
|
|
|
| This message is not archived
|
|
|
| Back to top |
|
 |
David H. Lipman
External
Since: Jul 04, 2003
Posts: 2116
|
Posted: Thu Feb 24, 2005 2:06 am Post subject: Re: Trojan in c:windows. I can`t delete and neither can F-prot For Windows. [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?) |
|
|
Look in the Registry for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UPNPClient
Is it there ?
Look at the WinXP NT Services and stop the service.
You can use MSCONFIG.EXE to find the setrvice "UPNPClient" and then disable the the service.
Reboot your PC into Safe Mode and then clean the OS using F-Prot.
--
Dave
<Buddy B DeleteThis @yippy.ti.ye> wrote in message news:ckbq119qt3vebner1md184km4k4ig0r8c5@4ax.com...
| How can I delete this file acrobat.dll that contains W32/backdoor.AOP
| Can`t do it from DOS as I used to do, I guess?
| Maybe try in safe mode?
| The Cleaner couldn`t clean.
| Thanks
| Regards Buddy B |
|
| Back to top |
|
|
Buddy B
External
Since: Mar 02, 2005
Posts: 8
|
Posted: Thu Feb 24, 2005 6:50 pm Post subject: Re: Trojan in c:windows. I can`t delete and neither can F-prot For Windows. David [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?) |
|
|
| This message is not archived |
|
| Back to top |
|
|
Buddy B
External
Since: Mar 02, 2005
Posts: 8
|
Posted: Sat Feb 26, 2005 4:54 pm Post subject: Re: Trojan in c:windows. I can`t delete and neither can F-prot For Windows. David [Login to view extended thread Info.]
Imported from groups: per prev. post (more info?) |
|
|
| This message is not archived |
|
| Back to top |
|
|
Jolly Jumper
External
Since: Feb 27, 2005
Posts: 5
|
Posted: Sun Feb 27, 2005 7:24 pm Post subject: Re: Trojan in c:windows. I can`t delete and neither can F-prot [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?) |
|
|
Buddy B.RemoveThis@yippy.ti.ye a écrit :
> On Thu, 24 Feb 2005 23:57:06 GMT, "David H. Lipman"
> <DLipman~nospam~@Verizon.Net> wrote:
>
>
>>Then again reboot your PC into Safe Mode and shutdown as many applications as
>
> possible
>
>>before scanning your platform with F-Prot.
>>
>>--
>>Dave
>
>
> Dave
> Deleted it 2 different times from Safe Mode and it popped back when I ran fprot
> again from windows.
> I did, however, delete it permanently from Windows with no problem.
> It seems to be gone for the moment, anyway.
>
> My experience is that some virus/trojans wind up in the system restore files,
> which I`m guessing is in:
> C:\System Volume Information folder.
> The only way I know of to get rid of a problem there is to turn off System
> Restore, reboot, and then turn Sys Restore back on??? Seems to work.
>
> Comment:
> Fprot seems to be much more sensitive to suspicious files than kaspersky`s AVP
> that I also use.
> Fprot is the monitor and AVP is the on demand.
>
> Appreciate your help,,.
> Regards Buddy B
If you want to see inside the folder *C_System Volume Information* where
you can find the restore files , you can install *scesp4i.exe* available
at Microsoft's site and you'll be able to delete the restore points you
want and keep the others ( So you won't lose all your restore points ) .
I installed it and I could delete a virus in that folder in a restore
point done by the system ( Win XP ) and keep my own restore points .
Regards
JJ |
|
| Back to top |
|
|
|
Computer Security