Hi guys,

My friend Mike has just done a VERY dodgy thing.

He has downloaded one of those spoof MS Windows patches and run the Q675773.exe code (142Kb). Hence, his Norton AV is now Kaput, and lord knows what is lurking within his machine.

Now, knowing that Norton is now dead, and un-reinstallable (he has tried), how can he get up and running again? Apparently Win98 still starts up...for the time being at least!

Is is worth him attempting to get to the McAfee online AV scanner to sort it out? Or should he remain off line until it is A-OK?

Your help will be greatly appreciated.


Rudders

You could try the sysclean tool here (http://www.trendmicro.com/download/dcs.asp) and you will need the latest pattern files from that site as well. I have it burned to a cd that I take on service calls and I try to update the pattern files once a week or more.

Thanks for that, I'll give it a go.

Rudders

I'd stay offline until it's clean though.

I'd stay offline until it's clean though. I agree thats why I burn it to cd and carry it with me.

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.removal.tool.html

I usually use the symantec tools as they not only remove the virus, but also undo the registry changes the newer viruses make.

Hi guys,

My friend Mike has just done a VERY dodgy thing.

...Rudders
Come on, fess up, your real name is Mike, isn't it!?! :p

Come on, fess up, your real name is Mike, isn't it!?! :p

Nope, 'fraid not, I don't use microsoft stuff on my own machines any more at home.
Believe it or not, I still get online using an Amiga 2000...no one can remember how to trash them these days! ;-) (68000 code is in the dim and distant past for most).

Microsoft is for using when NOT accessing the net if you want to remain hacker free methinks.

Besides, I can get online from work too, so I have no major need for much online at home.