After effects of a virus - Documents and Settings folder

  • Thread starter Thread starter Rob Graham
  • Start date Start date
R

Rob Graham

I got hit by a virus that sneaked in before the daily update from AVG - it
was immediately found but all sorts of havoc was wreaked to the extent that
I've had to fit a spare HD and reboot (using XP) accessing the data on the
infected HD as required - the data is in a seperate partition on the
original drive. The worm was 'download.small.54.z'

One thing that I haven't been able to recover from the previous W2K OS is
the .wab file containing my email addresses. It seems that this is in the
'Documents and Settings' folder. The virus has killed the boot sector on
the drive so I can't boot from it but it has also changed the folder name to
'Documents and Setting*' where * is a box in Windows Explorer - the folder
will not open and I cannot rename it. I thought of going into DOS to change
it but XP doesn't have that luxury. Any ideas anyone - or am I just best to
recover what addresses I can from the sent.dbx file which is in the data
folder.


Thanks

Rob
 
Rob Graham said:
I got hit by a virus that sneaked in before the daily update from AVG - it
was immediately found but all sorts of havoc was wreaked to the extent that
I've had to fit a spare HD and reboot (using XP) accessing the data on the
infected HD as required - the data is in a seperate partition on the
original drive. The worm was 'download.small.54.z'

One thing that I haven't been able to recover from the previous W2K OS is
the .wab file containing my email addresses. It seems that this is in the
'Documents and Settings' folder. The virus has killed the boot sector on
the drive so I can't boot from it but it has also changed the folder name to
'Documents and Setting*' where * is a box in Windows Explorer - the folder
will not open and I cannot rename it. I thought of going into DOS to change
it but XP doesn't have that luxury. Any ideas anyone - or am I just best to
recover what addresses I can from the sent.dbx file which is in the data
folder.


Thanks

Rob
Click to expand...

You can boot your machine with a Win98 boot disk from
www.bootdisk.com, then run ntfsdos.exe /L:MN from
www.sysinternals.com to access your NTFS partitions
and possibly retrieve your files.

Your sorry story highlights once again the need to back
up your important files regularly to an independent medium.
If you don't then you get hit sooner or later.
 
From: "Rob Graham" <[email protected]>

| I got hit by a virus that sneaked in before the daily update from AVG - it
| was immediately found but all sorts of havoc was wreaked to the extent that
| I've had to fit a spare HD and reboot (using XP) accessing the data on the
| infected HD as required - the data is in a seperate partition on the
| original drive. The worm was 'download.small.54.z'
|
| One thing that I haven't been able to recover from the previous W2K OS is
| the .wab file containing my email addresses. It seems that this is in the
| 'Documents and Settings' folder. The virus has killed the boot sector on
| the drive so I can't boot from it but it has also changed the folder name to
| 'Documents and Setting*' where * is a box in Windows Explorer - the folder
| will not open and I cannot rename it. I thought of going into DOS to change
| it but XP doesn't have that luxury. Any ideas anyone - or am I just best to
| recover what addresses I can from the sent.dbx file which is in the data
| folder.
|
| Thanks
|
| Rob
|

That does not sound like an Internet worm or virus but a Downloader trojan.
Unfortunately, the AVG library isn't very good and provides NO help at all.

Since it is most likely a Downloader Trojan and not a virus I doubt that it destroyed the
Boot Sector of the Win2K hard disk. If it had that kind of payload then it would definitely
have an entry in the AVG virus library. What caused you problem with your hard disk, I
don't know but maybe your cure was worse thathn the problem.

That is why there are anti virus/anti malware News Groups. To get the RIGHT information on
removing malware.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
alt.privacy.spyware

Was the drive FAT32 or NTFS ?
 
Back
Top