Virus that causes a lot of traffic ?

[Paul fpvt2]

Hi Dave,
Sorry for the late reply. I would like to report my
finding. I boot the machine in safe mode and reran the
stinger.exe and Housecall Sysclean. Both AV did not find
any viruses. But, the machine still caused the heavy
bandwidth traffic. For now, we unplug the machine from
our network, and thinking of reformatting it. My boss
told me not to spend more time on it for now.

If I need to work on it again, I will post the question
here or email you.

Thanks a lot for all your help. I greatly appreciate it.

-----Original Message-----
You can boot DOS but... Only if the platforms uses

FAT32, not NTFS. Otherwise you have to

use the Command Console. However, neither Trend

Sysclean or Stinger will run in the Command

Console. The alternate scanner I will provide you

information on *may* run in the Command

console as it is a multi-mode DOS/Win32/Win64 scanner.

Dave



news:C3C10D57-6C50-4BBE-9533- (e-mail address removed)...
| Thank you very much for the offer to email you, Dave. I appreciate it.
|
| They decided for now not to use this 1 machine that has the most viruses (.
| Bkdr./bounce.a. and . Troj SQLSpida.B), but they told me to look at it when I
| have a minute.
| Another person in my company had deleted the 2 files (c:\winnt\system32
| \config\services.exe and c:\winnt\system32 \drivers\services.exe) in safe
| mode. Then, he reran Housecall (not in safe mode) and it says no more
| viruses. But, after that the high bandwidth traffic still happened, and as
| soon as we disconnect this computer, everything was fine again.
|
| So, my plan was to follow your suggestion to boot in safe mode and run
| sysclean in safe mode. Shall I choose to boot in DOS or not ?
| I will also run stinger in safemode.
| I will post my result.
| If I don't find anymore viruses, I will email you regarding ther other
| Command Line
| scanner.
|
| Thanks a lot for your help.
|
|
|
|
| "David H. Lipman" wrote:
|
| > YES !
| >
| > They would definitely bog down the Server -- No doubt.
| >
| > Please don NOT follow the "other" Dave's

suggestion. You do not need to rebuild the

server
| > at this time.
| >
| > You need to run the utilities in Safe Mode ! This

increases the effectiveness of both

| > finding infectors and removing them.
| >
| > You need to load the Task Manager and shutdown as

many running processes as possible.

| >
| > Then run the utilities. I also suggest going back

to Trend and downloading both the

latest
| > trend Pattern Files and Sysclean.com -- Both were updated Today.
| >
| > I also invite you to email me and I can provide you

with information on another Command