| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 48832 | 2004-09-02 09:42:00 | AVG FREE EDITION | chrisabnett (5739) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 268351 | 2004-09-02 09:42:00 | When I leave my computer standing for a while, I get a message stating: virus identified Worm/Padobot.Q to remove this virus, please run AVG for windows.Well when I do that,AVG detects nothing at all.So what alternative could I do to stop this annoying pop up.thanks |
chrisabnett (5739) | ||
| 268352 | 2004-09-02 09:52:00 | Two things I could suggest. shut down your AVG and do an online free scan from one of the other antivirus people ..say Panda or Avast. update and run a good spyware program. I have never heard of padobot.q ?? as a worm. |
fairway (5932) | ||
| 268353 | 2004-09-02 09:58:00 | make sure explorer is set to show hidden files and operating system files. also with avg full scan settings set it to scan all files. you may need to scan while in safe mode. what folder is the worm in? AVG normally tells you the location. if all else fails nortons has a removal tool (securityresponse.symantec.com). |
tweak'e (174) | ||
| 268354 | 2004-09-02 09:59:00 | Try these Online Virus and spyware scanners Panda Active Scan -- here (www.pandasoftware.com) Housecall -- here (www.trendmicro.com) Trojan scans here (www.anti-trojan.net) Spyware scanhere (www.windowsecurity.com) hth |
johnboy (217) | ||
| 268355 | 2004-09-02 10:17:00 | From www.Grisoft.com Worm/Padobot (alias Worm.Korgo) This worm spreads by internet exploiting MS Windows LSASS service vulnerability described in MS Security Bulletin MS04-011. Installation: When the worm is launched it copies itself using random name to Windows System Directory and registers itself in Run key in Windows Registry. Spreading: internet Worm randomly searches IP addresses and when it finds vulnerable computer with opened port 445 it uses exploit for its infection. As side efect of infection LSASS service error report is shown and computer is restarted in next 30 seconds. Backdoor: Worm is also listening for commands on ports it opens. |
nzStan (440) | ||
| 268356 | 2004-09-02 10:23:00 | If using ME or XP turn off system restore before running av scan. Don't forget to turn back on again afterwards. www.pchell.com | gerrypics (323) | ||
| 268357 | 2004-09-02 10:49:00 | Just cleaned that one off a computer today - Stinger got rid of it. | Susan B (19) | ||
| 268358 | 2004-09-02 10:51:00 | Thanks Stan Perhaps a firewall/ port blocker is in order as well? |
fairway (5932) | ||
| 268359 | 2004-09-02 19:15:00 | Yes, the location of this padobot is C;/system volume information, but the funny thing is that this folder is absolutely empty. Well i hope. | chrisabnett (5739) | ||
| 268360 | 2004-09-02 19:55:00 | > Yes, the location of this padobot is C;/system volume > information, indicates that this virus may be hiding in system restore a area that the virus scanner can scan inside of but cant clean because its a protected area. do as suggest by an earlier post turn off system restore reboot do a virus scan (just to make sure) and turn back on system restore |
beama (111) | ||
| 1 2 | |||||