I have a PC on my bench that was infected. I did not want to do what most shops recommend----Fdisk/format c: Thats an easy cop out for lazy techies. This insideous virus disables your antivirus software, changes file names, changes extensions, replicates over and over again on your hard drive in hidden files and changes the name on each one of them, the code has in it a dial a porn number that auto dials a 900 number if you have a dial up service, and it attaches to every address in your email address book, outlook, hotmail, whatever. This one is a pistol,folks.
If you have it, or know of someone who has it, isolate it from any and all service and do what you can to begin the cleanup. Leo LaPorte on Screensavers tonight gave a clue as to how to get rid of it, but he did not--I repeat--DID NOT give you all the info you need. And neither will Symantec, my favorite antivirus program. You need to boot to dos and with a dos editor,search for the files that have replicated (hint--in my system on the bench, two files where identified by their duplicate size, repeated more than 46 times) and make that the final thing you do before turning it loose on the public again. follow all the instructions on the Symantec site and use the removal tool, but the problem is, the removal tool will not find all the replicated files because it changes name and extension, but not its size. That is the dead give away.
I do not know where to place this info, but I know OT gets alot of page hits. you all need to be aware and have a reputable, experienced tech remove this from an infected system. If you have what it takes and can do registry edits and use DOS editor tools, then tackle it yourself. If not, find a good shop. But you do not need to loose all your data from some schlock shop too lazy to remove the virus. Many shops just say Fdisk and format. To them -----Eat Sh!t and die--- you are helping the bastard that wrote this virus succeed.
I hope this creep gets busted for life in prison with his pants around his ankles. This is a most malecious virus.
Good luck.
If you have it, or know of someone who has it, isolate it from any and all service and do what you can to begin the cleanup. Leo LaPorte on Screensavers tonight gave a clue as to how to get rid of it, but he did not--I repeat--DID NOT give you all the info you need. And neither will Symantec, my favorite antivirus program. You need to boot to dos and with a dos editor,search for the files that have replicated (hint--in my system on the bench, two files where identified by their duplicate size, repeated more than 46 times) and make that the final thing you do before turning it loose on the public again. follow all the instructions on the Symantec site and use the removal tool, but the problem is, the removal tool will not find all the replicated files because it changes name and extension, but not its size. That is the dead give away.
I do not know where to place this info, but I know OT gets alot of page hits. you all need to be aware and have a reputable, experienced tech remove this from an infected system. If you have what it takes and can do registry edits and use DOS editor tools, then tackle it yourself. If not, find a good shop. But you do not need to loose all your data from some schlock shop too lazy to remove the virus. Many shops just say Fdisk and format. To them -----Eat Sh!t and die--- you are helping the bastard that wrote this virus succeed.
I hope this creep gets busted for life in prison with his pants around his ankles. This is a most malecious virus.
Good luck.
Facebook
Twitter