re: Remove taskbar items
Friday, January 29, 2010 at 3:35 pm
Posted by dhm
(1069 messages posted)
Thank you, but since the last time I was here I found it out again while messing
around.
I just spent 10 days removing a Virtob/Virut variant from my computer. I was principally
using Dr.Web's CureIt. I informed Dr.Web that the virus knew there product names
and could find there exclusion list (written in a temporary file) and write a few
exclusions. It has a taste for the DLLCACHE and your office suite, even if it is
Open Office instead of Microsoft Office. Then it gives you a false sense of security
because you've removed so many copies. Then it can reoccur seemingly from nowhere.
I kept swatting it down and thinning it out and Dr.Web created new versions partly
from what I told them. It still took a pass of Avast to find the last little bit
in the office suite.
I've had clean sweeps for 2 days. It's also taken several antispyware programs to
remove some of the flavors of Trojans that Virtob downloaded.
Fortunately I use an obscure firewall and it never located that. Virtob is on record
as corrupting WINLOGON.EXE, SVCHOST.EXE and its own program FIREWALL.EXE which try
to call out thru the firewall. After one lull I suddenly got the message that MSTASK.EXE
wanted an outside connection. I used Search for all copies of it on disk and found
that the current active one was 7 KB longer. That's a symptom of Virtob. That is
apparently a new feature.
One tactic I used was creating a second copy of Win2K in another folder. I could
boot between them alternately and compare files and use one to clean the other.
[Reply or follow-up to this message]
| 
