Affect the "Backdoor.Graybird virus

You can always try this... Turn off your "Backup-and-Restore," then run the anti-virus program again. If it fixes it, create a new restore point, then turn your "Backup-and Restore" back on.

If this virus is a rootkit, then you're in a lot more trouble! Google "rootkit" and see what you learn.

Dear : Friend

My computer are runing with "Norton Save & restore 2.0 program and can not be trun off , please let know the step of trun off the Backup-and Restore function for XP home operating system before I carry-up the anti virus scanning program again.Thank you.

Best Regards

k2chan

Right click on "My Computer", and select "Properties". One of the tabs is labeled "System Restore". Click the box that says "Turn off System Restore"

After you have the problem all cleaned up, you can go back and turn this back on.

Tom

I am pretty sure that Norton can be Booted from the CD or there are ways to do it. Please read my previous post #2 for better details......

If you can, download from one of the Anti Virus companies a free ISO CD image or similar (you may need a different PC with CD or DVD burner) that can be used to boot (assuming your PC allows a CD to boot from BIOS, check and modify if necessary) your PC and it will clean off many of the known viruses without needing to boot Windows.

I feel that is your best bet at this time.

I do believe that the Bootable CD is often a form of Linux that can access data under the various Windows formats.

As you did not give any details about your PC or the Windows version, or the HD Format, it is difficult to be more precise than this.

Best of luck.

K2,

According to the Symantec website (Norton), you have to boot into safe mode to be able to shut down the virus, before running a full scan with Norton. It also says you have to manually remove the changes the virus made to the registry. Please see the following link:

<http://www.symantec.com/security_response/writeup.jsp?docid=2003-040217-2506-99&tabid=3>

If you are able to folllow the instructions listed here, you should be OK. Otherwise, find a friend who is more computer savvy to help you out. Good luck.

Tom

Please look at these Boot CD images with Antivirus software that you can simply download, burn to a CD and then boot from the CD to get rid of your Virus problem. Windows is not active on your hard disk at that time.

Go to this website for example and read first, then download and burn to a CD:-

http://ubcd4win.com/

Or take your hard disk to someone with a running PC with Antivirus software and attach as slave or similar, then wipe the virus. Both ideas should work.....

Do that last one and (depending on the virus) you'll be infecting another computer and losing a friend!!!

Not true. To be active, you need to boot the windows on the hard disk, or start the virus itself. When using another PC to "look" at the hard disk, neither are true....of course the running pc must have good active antivirus software running first!

OK. I'm not 100% certain, but it sounds like you may have a "rootkit" virus. If this is the case, you cannot get rid of it by any normal anti-virus means. Being a rootkit, it can reprogram itself, hide itself within other programs, and infect anything it wants to.

If I were you, I would go to a different computer - one that is known to be clean. On that computer, you want to download an anti-virus program designed for dealing with rootkit viruses. From that computer, you need to burn a boot-able CD. This CD is what you will boot your infected computer from. The machine will not go into Windows, and will create its own kernel. From there, the anti-virus program can hunt down the rootkit virus without being infected itself.

Once that is done, hopefully you'll be virus free. The only thing that can screw you from here is that some rootkit viruses have been designed to write into the computer's BIOS! If this is the case... Well try the other thing first before we get into the BIOS stuff.

Hi All

I has successful to delete the virus affect file from my computer by delete the MP3 file one by one & each time I delete the file, I will perform virus scanning until I locate the affect file (Backup the MP3 folder to CD before & delete the file).

Thank for all the support.

Best Regards

k2chan