|
-
January 21st, 2007, 01:36 PM
#1
Junior Member
How to get rid of the virus
Here´s how I got rid of the virus where I work, we had about a thousand infected computers.
First make sure, you have your Antivirus program updated and make sure you have a firewall on (we had a problem with the local firewalls on the computers that´s how we got the virus..).
End all ctfcoms.exe processes running. Search for ctfcoms.exe (both hidden and systemfiles, we had the virus in C:\Program Files\Symantec Antivirus and C:\Windows\System32) and delete the files. Then, in regedit, search for ctfcoms.exe and delete everything you can find. That worked fine for us.
I almost forgot, some of the infected computers also got problems with altered Startpages in IE and were not able to change it. You can fix that by editing the Local Computer Policy in User Configuration\Administrative Template\Windows Components\Internet Explorer\Disable changing home page settings.
-
January 21st, 2007, 05:21 PM
#2
Yeah, that was pretty much the fix at the affected sites we had.
We haven't seen cftoms.exe at our site yet. Hadn't heard about
any problems with startpages either with this thing. Maybe that
was/is a spyware problem?
I guess I'm kinda surprised at the vulnerability of an AV app itself.
Obviously, no app is bulletproof, but to see the havoc this thing
caused at other sites startles me coming from an AV app itself.
Cé la vie.
“Everybody is ignorant, only on different subjects.” — Will Rogers
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
