|
Posted by =?Utf-8?B?R3JhaGFtIFQ=?= on July 8, 2005, 4:49 pm
If you were Registered and logged in, you could reply and use other advanced thread options
CRCAB.exe in the process list (Even in safe mode) so the various removal
tools failed to delete the file. The process in task mgr refuses to die when
terminated (it seems to respawn itself) and proceeds to take up to 90% of the
CPU time.
however I made boot dik and ran the sophos scan from dos and this deleted
the CRCAB.exe file
When windows was restarted a message saying that the CRCAB.exe was missing
(so something is still trying to load it - Reg entries?)
Anyway its gone and the PC is back from the dead
Maybe you need to include a DOS scan instruction in the procedures
Question - Do you need the full .LOG files from the various scans Ill mail
if necessary
Graham
--
Selling Nothing
Buying Nothing
Doing Nothing
"David H. Lipman" wrote:
>
> The McAfee module in the Multi-AV front end should get it.
>
> Dump the contents of the IE Temporary Internet Folder cache (TIF)
> Start --> Settings --> Control Panel --> Internet Options --> Delete Files
>
> Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
> Tools --> Options --> Privacy --> Cache --> Clear
>
> Download MULTI_AV.EXE from the URL --
> http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>
> It is a self-extracting ZIP file that contains the Kixtart Script Interpreter {
scripts, one Link
> (.LNK) file, this PDF instruction file and two utilities; UNZIP.EXE and
WGET.EXE. It will
> simplify the process of using up to 3 different Anti Virus Command Line
Scanners to remove
> viruses and various other malware.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in
Normal Mode. This
> way all the components can be downloaded from each AV vendor’s web site.
> The choices are; Sophos, Trend, McAfee, Exit the menu and Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files or
you can
> download the files and perform a scan in Normal Mode. Once you have downloaded
the files
> needed for each scanner you want to use, you should reboot the PC into Safe
Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want to
run in Safe
> Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help
> file.
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE and/or
FTP.EXE to go
> through your FireWall to allow them to download the needed AV vendor related
files.
>
> * * * Please report back your results * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>
| 
XML site map