Quote:
|
*** ...but as long as you have an AV program that has the virus signature
|
Saltheart, sorry for the late reply.,,,no okh extension, strictly junk dlls, items in a bogus
Recycler folder and new registry entries/edits,
and if that's not enough, ,,bogus Services were created.....but you hit the nail pretty square on the head with the anti-virus needing to be up to par.,,
For anyone still suffering from this mess, (like me
) I ran the Symantec removal tool "D:exe" (located on their site for free) ....installed the patch from MS but couldn't get rid of the file that it was
supposed to delete after a reboot...(a weird named,, dll file), each workstation had a different one, so you couldn't just search for the same one. ...but anyway,, The log file that the tool creates displays the location of the junk dll, (uncheck "hide protected operating system files" under your folder options) within the system32 folder, take ownership of the file and then manually delete it. Do all of this in safe mode. Sometimes the tool does delete the file, but if it says it will delete it after the next reboot, it never did. I then emptied the recycle bin, and installed the patch, rebooted...re-ran the scan and it came back clean.
However, I thought the patch was supposed to keep it out, it does NOT!
*** I'm currently battling with my anti-virus company because they're having difficulties disinfecting or quarantining it...so it keeps on coming back, when you're dealing with shared drives throughout the network, a virus that LOVES thumb/flash drives....woah what a mess!!!...
It's been quite the adventure...It's on over 600 workstations and 10 servers....God only knows how many thumb drives it's taken residence on....
I'm hoping once my anti-virus can contain it, I can catch up........until then....
Any advice or comments are GREATLY welcome.
