Two weeks ago, I discovered the w32.pinfi (or W32/Pate.a to McAfee) virus on a file that came from my friend. I managed to kill it before it infected my system, but my friend?s system (XP pro) wasn?t so lucky; after conducting a scan, the virus was found all over the place.
But here comes the tricky part. Seeing that the entire system is infected (the virus only infects .exe and .scr), including system files, the most sound option is clean boot from floppy and format all the hard disk drives (the virus infects all mapped drives and networked shares). But I?m going to hold off that solution as a last resort due to the pain it is to install and configure everything all over again.
When using an anti-virus program (I?m using Norton Antivirus 2003 Pro v9.0 and McAfee Viruscan v7.0, both fully updated) to clean the infected files, there is an issue when repairing: the files not always remain functioning afterwards (with Norton, they are always malfunctioning). And if instead of clean we select delete, some files cannot be deleted thanks to that file protection thingy. So the result is, although the majority of infected files are purged, there are always some that remain. And of all the luck, many of those belong to the system, which means they are executed during boot (even on waking from hibernation) and the infection will continue.
So what options do I have here, besides a clean format? How do I shut down the file protection on XP, so I can delete the files?
Oh and another thing; if an infected file is burned into a CD, the anti-virus program is still able to detect it. Right?
Thanks you all...
But here comes the tricky part. Seeing that the entire system is infected (the virus only infects .exe and .scr), including system files, the most sound option is clean boot from floppy and format all the hard disk drives (the virus infects all mapped drives and networked shares). But I?m going to hold off that solution as a last resort due to the pain it is to install and configure everything all over again.
When using an anti-virus program (I?m using Norton Antivirus 2003 Pro v9.0 and McAfee Viruscan v7.0, both fully updated) to clean the infected files, there is an issue when repairing: the files not always remain functioning afterwards (with Norton, they are always malfunctioning). And if instead of clean we select delete, some files cannot be deleted thanks to that file protection thingy. So the result is, although the majority of infected files are purged, there are always some that remain. And of all the luck, many of those belong to the system, which means they are executed during boot (even on waking from hibernation) and the infection will continue.
So what options do I have here, besides a clean format? How do I shut down the file protection on XP, so I can delete the files?
Oh and another thing; if an infected file is burned into a CD, the anti-virus program is still able to detect it. Right?
Thanks you all...
Facebook
Twitter