| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 38203 | 2003-09-30 10:05:00 | Cannot remove virus | dynamitedebs (4282) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 179345 | 2003-09-30 10:05:00 | Hi all AVG anti-virus has continued to alert me over last few days to a worm/nachi in C drive of windows. (file ends in DLLHOST.EXE). However, it says it cannot remove it, and doesnt provide any other details. My overall computer knowledge is intermediate, and not advanced enough to know offhand what to do. Running WindowsXP here. Grateful for any help Thanks |
dynamitedebs (4282) | ||
| 179346 | 2003-09-30 10:25:00 | dynamitedebs, See the following Welchia/Nachi Removal Tool (securityresponse.symantec.com) for information and help in removing the worm. Note this is another worm/trojan/virus which uses the same vulnerability as the Blaster worm. Ensure you have installed the patch for Win XP. Cheers, Babe. |
Babe Ruth (416) | ||
| 179347 | 2003-09-30 11:40:00 | If it mentions "system" in that dialog, it could be that the virus is in a system restore point. Then you have to turn off system restore, restart PC, and scan again with AVG. Then if all clear, turn on restore again. (Windows help will show you how to turn on/off restore) | Pheonix (280) | ||
| 179348 | 2003-10-01 07:36:00 | Thank you for your replies. I will initiate suggestion included above for removing worm and yes it does have 'system' , so I will try an earlier restore point - good idea. Thanks again. |
dynamitedebs (4282) | ||
| 179349 | 2003-10-01 08:10:00 | SUCCESS!! thanks to Pheonix and Babe, successfully removed:)) | dynamitedebs (4282) | ||
| 179350 | 2003-10-01 08:27:00 | >yes it does have 'system' , so I will try an earlier restore point - good idea. Just to clarify something - you needed to delete all previous restore points and start afresh again. By doing this, you will purge the virus from you stored system restore points and prevent accidental self-reinfection at a later date. Did you turn off System Restore, reboot and then re-enable it after running the antivirus software? It is just from what you have said, it seems like you have just restored the PC to an earlier time. Please accept my apologies if this is not the case and I have just mis-interpreted this :) |
Jen C (20) | ||
| 1 | |||||