1) Download the following four items...
McAfee Stinger
http://vil.nai.com/vil/stinger/
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt244.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDoc...SysRestore.htm
4) Reboot your PC into Safe Mode
5) Using Trend Sysclean, Stinger and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using the three
utilities; Trend Sysclean, Stinger and Adaware
7) If you are using WinME or WinXP, re-enable System Restore and re-apply any
System Restore preferences (e.g. HD space to use suggested 400 ~ 600MB).
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point
You can also try some of the below online scanners.
BitDefender:
http://www.bitdefender.com/scan/license.php
Computer Associates:
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
DialogueScience:
http://www.antivir.ru/english/www_av/
F-Secure:
http://support.f-secure.com/enu/home/ols.shtml
Freedom Online scanner:
http://www.freedom.net/viruscenter/index.html
Kaspersky:
http://www.kaspersky.com/de/scanforvirus
McAfee:
http://www.mcafee.com/myapps/mfs/default.asp
Panda:
http://www.pandasoftware.com/activescan/
RAV:
http://www.ravantivirus.com/scan/
Symantec:
http://security.symantec.com/
Trend:
http://housecall.antivirus.com
http://housecall.trendmicro.com
* * * Please report your results ! * * *
Dave
"Teeekay" <(E-Mail Removed)> wrote in message
news:25CDCBB2-E312-4AD9-8810-(E-Mail Removed)...
| On 11-2-04 in the morning, some malicious code was run on an XP Home machine,
| which I am responsible for. The result was that the registry was overwritten,
| and the documents and settings folder was replaced. Trying to access the
| documents and settings folder with explorer or power desk yielded an access
| denied message. I used a file recovery utility (Active Undelete 5.0) to
| recover the documents that were lost including Outlook Express .wab and .dbx
| files and Word and Excel files.
| While examining hundreds of lost and deleted folders on the hard drive,
| I found that most of them contained a small file named AXEL.DAV. In this file
| was the name Axel Davis. I also found remnants of some executables which
| were probably malicious code that ran and later deleted themselves. A few had
| names beginning with 33WW and one was named run and hide. I did a Google
| search on AXEL.DAV, and came up with a web page, axeldavis.com where the
| writers claim to know what an AXEL.DAV file is but they won't say. They also
| provide a copy of a Google search page with links to a Microsoft forum dated
| in 2002 where a couple of people posted messages about their system being hit
| by a virus which left hundreds of AXEL.DAV files on their machine.
| Can anyone tell me if this was a virus or trojan, or if a hacker somehow
| got through and took over the computer.