virus clean up, pull out hd and put in a clean system to clean up?

**nerd1** · 15-08-08, 09:01 PM

I've been given a machine to clean up. Its been infected with a virus after playing a network game. Now it just shuts down when the computer is turned on.

Can I simply pull the HD out (Win XP) and plug it into my system (VISTA) and run Avat, Search & destroy etc etc?

Will I break anything on the WinXP system? ... might be a bit late now

i've started. what I'm worried about is file premissions etc.

what else should I do?

**nerd1** · 15-08-08, 10:29 PM

Avast has found VBS.Solow but its not able to delete it/repair it/move to chest. I think its got to do with file permissions

Is there a boot cd that has antivirus software that can clean this up?

**nerd1** · 15-08-08, 10:30 PM

hmm the boot cd will probably have the same problem with file permissions...

**tagg** · 15-08-08, 10:45 PM

VBS.Solow.B propagates on computers via removable media drives. It modifies Web Browser title to "Taga Lipa Are"

Technical Name: VBS.Solow.B

Threat Level: Low

Type: Worm

Systems Affected: Windows All

Tagg

**tagg** · 15-08-08, 10:46 PM

HOW TO REMOVE VBS.Solow.B :

1. Temporarily Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Reboot computer in SafeMode

4. Run a full system scan and clean/delete all infected files

5. Delete related files:

a) Open My Computer -> Tools Menu -> Folder Options -> View Tab:
b) Select: Show hidden Files and Folders
c) Uncheck: Hide Extensions for known file type and Hide Protected operating system
d) Click Yes Then OK.
e) Delete autorun.inf and FS6519.dll.vbs in all your hard drive. Commonly found in root of Drive C. Use your Windows "Search" function to find all.

6. Delete any values added to the registry.
Navigate to and delete the following registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\"FS6519" = "%Windir%\FS6519.dll.vbs"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "TAGA LIPA ARE!"

7. Exit registry editor and restart the computer.
8. In order to make sure that the threat is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.

Tagg

**nerd1** · 15-08-08, 10:56 PM

Thanks Tagg, will take the drive out and put it back in.

That doesnt explain why the computer's rebooting on start up. i'll see how it goes in safe mode.

**tagg** · 15-08-08, 10:57 PM

you may have a power supply or memory problem

Tagg

**Studio1** · 17-08-08, 07:25 AM

It wasn't running Norton's by any chance was it?

15-08-08, 09:01 PM	#1 (permalink)
nerd1 galleries.wickedweasel.co iTrader: (0) Join Date: Jan 2008 Posts: 125 Spent time on board: 1 Day and 18:44:19	virus clean up, pull out hd and put in a clean system to clean up? I've been given a machine to clean up. Its been infected with a virus after playing a network game. Now it just shuts down when the computer is turned on. Can I simply pull the HD out (Win XP) and plug it into my system (VISTA) and run Avat, Search & destroy etc etc? Will I break anything on the WinXP system? ... might be a bit late now i've started. what I'm worried about is file premissions etc. what else should I do?

LinkBacks (?) LinkBack to this Thread: http://www.austech.info/security-privacy/9937-virus-clean-up-pull-out-hd-put-clean-system-clean-up.html
Posted By	For	Type	Date
Austech - Powered by vBulletin	This thread	Refback	17-08-08 06:47 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

15-08-08, 10:29 PM	#2 (permalink)
nerd1 galleries.wickedweasel.co iTrader: (0) Join Date: Jan 2008 Posts: 125 Spent time on board: 1 Day and 18:44:19	Avast has found VBS.Solow but its not able to delete it/repair it/move to chest. I think its got to do with file permissions Is there a boot cd that has antivirus software that can clean this up?

15-08-08, 10:30 PM	#3 (permalink)
nerd1 galleries.wickedweasel.co iTrader: (0) Join Date: Jan 2008 Posts: 125 Spent time on board: 1 Day and 18:44:19	hmm the boot cd will probably have the same problem with file permissions...

15-08-08, 10:45 PM	#4 (permalink)
tagg Senior Member iTrader: (7) Join Date: Jan 2008 Location: In a Tin Can Posts: 602 Spent time on board: 4 Weeks, 0 Days and 4:58:30	VBS.Solow.B propagates on computers via removable media drives. It modifies Web Browser title to "Taga Lipa Are" Technical Name: VBS.Solow.B Threat Level: Low Type: Worm Systems Affected: Windows All Tagg

15-08-08, 10:46 PM	#5 (permalink)
tagg Senior Member iTrader: (7) Join Date: Jan 2008 Location: In a Tin Can Posts: 602 Spent time on board: 4 Weeks, 0 Days and 4:58:30	HOW TO REMOVE VBS.Solow.B : 1. Temporarily Disable System Restore (Windows Me/XP). 2. Update the virus definitions. 3. Reboot computer in SafeMode 4. Run a full system scan and clean/delete all infected files 5. Delete related files: a) Open My Computer -> Tools Menu -> Folder Options -> View Tab: b) Select: Show hidden Files and Folders c) Uncheck: Hide Extensions for known file type and Hide Protected operating system d) Click Yes Then OK. e) Delete autorun.inf and FS6519.dll.vbs in all your hard drive. Commonly found in root of Drive C. Use your Windows "Search" function to find all. 6. Delete any values added to the registry. Navigate to and delete the following registry entries: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\"FS6519" = "%Windir%\FS6519.dll.vbs" HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "TAGA LIPA ARE!" 7. Exit registry editor and restart the computer. 8. In order to make sure that the threat is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner. Tagg

15-08-08, 10:56 PM	#6 (permalink)
nerd1 galleries.wickedweasel.co iTrader: (0) Join Date: Jan 2008 Posts: 125 Spent time on board: 1 Day and 18:44:19	Thanks Tagg, will take the drive out and put it back in. That doesnt explain why the computer's rebooting on start up. i'll see how it goes in safe mode.

15-08-08, 10:57 PM	#7 (permalink)
tagg Senior Member iTrader: (7) Join Date: Jan 2008 Location: In a Tin Can Posts: 602 Spent time on board: 4 Weeks, 0 Days and 4:58:30	you may have a power supply or memory problem Tagg

17-08-08, 07:25 AM	#8 (permalink)
Studio1 Senior Member iTrader: (0) Join Date: Jan 2008 Location: Inside the toaster Posts: 484 Spent time on board: 3 Days and 11:13:34	It wasn't running Norton's by any chance was it?

Sponsored Links

Sponsored Links