virus attack

[boris]

Hi. My pc was attacked by a whole bunch of viruses last night and CA
seemed to have cleaned them out. However, shortly after that a very
strange error message popped up: Windows has detected that system
files need to be replaced by SP-3 format. Do you want to replace them?
- I don't think so! The problem is that this message box won't go
away. When I click "No" or "cancel" it comes right back.
Any ideas what can be done to get rid of this pesky message?

 

[SC Tom]

Hi. My pc was attacked by a whole bunch of viruses last night and CA
seemed to have cleaned them out. However, shortly after that a very
strange error message popped up: Windows has detected that system
files need to be replaced by SP-3 format. Do you want to replace them?
- I don't think so! The problem is that this message box won't go
away. When I click "No" or "cancel" it comes right back.
Any ideas what can be done to get rid of this pesky message?

Replace the files like it is suggesting.

 

[Gerry]

Boris

Don't replace the files. This is a CA Anti-Virus problem arising out of
an error in the latest Virus Definitions.
http://homeofficeforum.ca.com/homeofficeforum/showthread.php?t=4840

--


Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[boris]

Replace the files like it is suggesting.

you don't think it could be a trick played by a virus that might have
snuck through?

 

[Gerry]

Boris

It not what you suspect. It's an error by your CA Anti-Virus. Wait for
the next Virus Definition Update to correct the problem.


--


Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[boris]

Boris

It not what you suspect. It's an error by your CA Anti-Virus. Wait for
the next Virus Definition Update to correct the problem.

--

Hope  this helps.

Gerry
 ~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~





- Show quoted text -

I immediately tried to update CA but it didn't solve the problem. I
guess I'll have to wait till they come out with a solution.

 

[nass]

Hi. My pc was attacked by a whole bunch of viruses last night and CA
seemed to have cleaned them out. However, shortly after that a very
strange error message popped up: Windows has detected that system
files need to be replaced by SP-3 format. Do you want to replace them?
- I don't think so! The problem is that this message box won't go
away. When I click "No" or "cancel" it comes right back.
Any ideas what can be done to get rid of this pesky message?

Since you said a punch of Viruses, it mean it is n't a false positive. It
can't be with such number false positive, unless you installed a new software
which has a security pack.

Try to scan from another vendors and run hijackthis and send your log to one
of many forums on the internet for analysis to help you out making sure your
machine not compromised. I will not relay on 'False Positive' while Conficker
(worm) lurking around!!

Computer Worms - Conficker | Microsoft Security
http://www.microsoft.com/security/worms/Conficker.aspx

Run disk clean up then this commnd:
sfc /scannow

If you can capture the exact error message and send the exact verbatim that
will be very helpful to understand if it is fake message or a security
message and genuine from the operating system.

HTH,
nass

 

[David B.]

It is in fact a false positive.

--


------

Since you said a punch of Viruses, it mean it is n't a false positive. It
can't be with such number false positive, unless you installed a new
software
which has a security pack.

Try to scan from another vendors and run hijackthis and send your log to
one
of many forums on the internet for analysis to help you out making sure
your
machine not compromised. I will not relay on 'False Positive' while
Conficker
(worm) lurking around!!

Computer Worms - Conficker | Microsoft Security
http://www.microsoft.com/security/worms/Conficker.aspx

Run disk clean up then this commnd:
sfc /scannow

If you can capture the exact error message and send the exact verbatim
that
will be very helpful to understand if it is fake message or a security
message and genuine from the operating system.

HTH,
nass

 

[David B.]

Make sure the definitions are 6606 or newer, then you need to restore the
files from quarantine.

--


------

Boris

It not what you suspect. It's an error by your CA Anti-Virus. Wait for
the next Virus Definition Update to correct the problem.

--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~





- Show quoted text -

I immediately tried to update CA but it didn't solve the problem. I
guess I'll have to wait till they come out with a solution.

 

[Anteaus]

Send a few of the quarantined files to http://virustotal.com

That should at least give you some idea whether other AV products also think
they are infected.

False alarms are becoming a very serious problem, I'm starting to get
concerned that the whole office could be put offline by one as destructive as
this.