On 5/26/06 1:02 PM, "Michael Henry" <[EMAIL PROTECTED]> wrote:
> Binary file virus, two files working together to stay loaded. The > thought being you are never fast enough to delete both. > > Best method of removal, remove drive and slave mount it to a system with > a current AV, custom scan the drive, and it will usually kill both files > while their dormant. If it's a really new virus, scan for .exe,.dll > that have a new date since the infection time. Alternatively, you could create a BartPE boot CD with McAfee AV, Spybot, and Ad-aware to do the scanning. The important bit, as Michael points out, is to do your scanning and removal outside the machine's Windows install. I would also check all possible startup locations for suspicious files. This guide is rather helpful in that regard: http://www.bleepingcomputer.com/tutorials/tutorial44.html Steven -- Steven Dickenson <[EMAIL PROTECTED]> Computer Network Manager The Key School, Annapolis Maryland _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
