W32.Weird Virus

  • Thread starter Thread starter Stan W.
  • Start date Start date
S

Stan W.

norton antivirus keeps finding a file called Setup.exe that is a virus
called W32.Weird and it is unable to delete it. I read up on the virus at
the NAV site but I still do not understand what it is doing. Can anyone
explain to me what this virus is doing and if it is related to the worm that
spread last week?

Thanks.
 
-----Original Message-----
norton antivirus keeps finding a file called Setup.exe that is a virus
called W32.Weird and it is unable to delete it. I read up on the virus at
the NAV site but I still do not understand what it is doing. Can anyone
explain to me what this virus is doing and if it is related to the worm that
spread last week?

Thanks.


.Hi- I just looked it up on the NAV site-:
Click to expand...
http://securityresponse.symantec.com/avcenter/venc/data/w32
..weird.html

Here is HOW you remove it- You do have a virus- that is
why NAV keeps saying it cannot remove it:

To remove this virus:

NOTE: Removal of this virus requires that you have a DOS
boot disk or Windows Startup disk, and assumes that you be
familiar with using basic DOS commands at the command
prompt.


1. Insert a clean DOS floppy disk or Windows Startup disk
into the floppy disk drive, and restart the computer.
2. At the prompt type the following two commands, pressing
Enter after each one:

c:
cd windows
dir *.exe /a:h

All .exe files in the \Windows folder that have the hidden
attribute are displayed.

NOTE: If Windows is installed in a different location,
make the appropriate substitution when typing the first
command.

3. Look for a file with a size of 10,240 bytes. The name
of the file is generated by taking the computer name on
the infected system and changing some of the characters.
Write down the name of this file.
4. Type the following, and then press Enter after each one:

attrib <file name from step 3> -h
del <file name from step 3>

5. Type the following two commands, pressing Enter after
each one:

del wininit.ini
del wininit.bak

6. Restart the computer.
7. Start Norton AntiVirus, and run LiveUpdate.
8. Run a full system scan. Attempt to repair any files
that are infected with W32.Weird. If they cannot be
repaired, you must delete them and restore them from a
clean backup copy, or reinstall the deleted file.

NOTE: If NAV reports that it cannot delete an infected
file, you must shut down the computer, turn off the power,
and wait 30 seconds. Then restart the computer in Safe
mode and run the scan again. All Windows 32-bit operating
systems except Windows NT can be restarted in Safe mode.
For instructions on how to do this, read the document How
to start the computer in Safe Mode.

Hope this helps- If you cannot remove this virus,you may
need to get a computer techie in to help you...

Andrea
 
Stan,

One additional note to Andrea's response. If your hard disk is NTFS
formatted, a DOS boot disk will not allow you to delete the infected file.
A DOS boot disk can't read NTFS drives. The only way to access an NTFS
drive is to boot with the XP install CD and let setup run. When you're
prompted to choose Setup or Repair, choose Repair, and follow the prompts.

You can also try the following. Click Start, Run and enter TASKMGR.EXE Go
to the Processes tab, and locate the entry for Setup.exe Highlight it and
select End Process. Then run Norton again, or try deleting the file
manually.
 
Thanks for the info. What Id like to do is simply reformat the whole drive,
I need to do it anyways, things are running slow lately.

I want to backup all of my files, such as my outlook .pst and my documents
folder. Anyone know if backing up these files before removing the virus
would be a bad idea? Does this virus only infect the Windows System or does
it also affect the other files as well?

Thanks.
 
Thanks!
Doug Knox MS-MVP said:
Stan,

Generally virus's don't infect existing files (some do). They do create
copies of themselves though. If you find a file that has a normal Windows
file name, that's infected, its just a copy of the virus, the majority of
the time. As long as you scan any files that you backup, before copying
them back to the new system, you should be ok.

To just start over, boot from the XP CD, and run Setup from there. You'll
be offered the chance to reformat and repartition your drive.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

help regarding w32 virus 2
Virus question 6
A Book on the Registry... 5
norton antivirus vs. system performance manager and security cente 2
Is there a virus? 10
Virus Question 8
Virus checker 7
Slow explorer,seaching,believe I am virus/worm free 3

Back
Top