Solved

W32/NGVCK.a cleaning

Posted on 2004-09-27
6
1,071 Views
Last Modified: 2013-12-04
A friend has McAfee Virus Online.  A scan shows 534 files infected, mostly by NGVCK.a virus.

After running the scan, it says it can't clean the files, and gives me the opportunity to quarantine them.  However, some of them are system files and it seems like a quarantine would make the system inoperable.  

I am getting a Windows File Protection asking to replace some of the affected files if I've got the CD  (Home Edition).

What's the best way to clean this?
0
Comment
Question by:kellysmith120
  • 4
  • 2
6 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 12170165
McAfee Stinger...
http://vil.nai.com/vil/stinger/
-rich
0
 

Author Comment

by:kellysmith120
ID: 12170258
Thanks, rich.  I saw the stinger from McAfee, but it doesn't specifically list the virus in question.  Also, the Online version I'm running detects the virus fine, but says they can't be fixed.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 50 total points
ID: 12170430
Did you try stinger anyway?
I don't see any standalone remover's for this- but it's rumored that this tool could do it
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html but not guarnteed

http://support.f-secure.com/enu/home/ols.shtml might be able to help...

This virus may be too much for a standalone tool to remove- if you have a friend with an updated AV product, perhaps you can bring your HD over to them, and install it in thier pc as a slave drive, and they can scan you HD and remove the files (like unblaster.exe)
TDS3 may also help you http://tds.diamondcs.com.au/index.php?page=download GL
-rich
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 

Author Comment

by:kellysmith120
ID: 12172012
I've downloaded the stinger for her, but it seems pretty precise about the viruses it detects.

I have a full version of McAfee on line running, so I'm not sure why it wouldn't take care of it.  The only thing I can come up with is disabling the System Restore.  Most of the files aren't don't appear to be system restore locked, so that might not work either.

I'll try both solutions (System Restore and the removal tools).  If the System Restore doesn't fix it, and the tools do, I'll award the points.

Otherwise, to clarify and repeat the question - My virus software found infections with the NGVCK.a on system files (C:\winnt , etc.), and says it can't clean them, and I'm assuming that I can't just 'delete' them.  How do I remove the virus (using McAfee Online) from my system?
0
 

Author Comment

by:kellysmith120
ID: 12172387
FYI - I will be out of town for a couple of days, but will check back  before I leave and again when I return.
0
 

Author Comment

by:kellysmith120
ID: 12221776
Stinger didn't remove it.  She's given up and going to reformat it.  

The answer didn't help me, but I'll award them for maybe helping someone else who reads it and is unaware of Stinger.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 2012 session collection security. 2 73
Thin secure Windows 10 5 76
Read-only access for auditors 5 67
Login to computer through Admin Priviligies 9 88
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now