i got this message from Norton antivirus

Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Backdoor.Hogle
File: C:\WINDOWS\system32\syscpy.exe
Location: C:\WINDOWS\system32
Computer: _______
User: ________
Action taken: Clean failed : Delete failed : Access denied
Date found: Tuesday, December 09, 2003 4:25:56 PM


Any help would be great.....

HERE (http://www.symantec.com/avcenter/venc/data/backdoor.hogle.html) are the instructions for removal.

Good Luck,
Paul

If you are running Win Me or XP, you will have to disable system restore.

Or follow the link that pbarr86 provided to remove it manually from your registry.

Any questions man, let me know.

later

thanks for the link...now i have to do it.:(

on another note....how do i delete the annoying search bars in IE? ones such as (superbar, stbar, i-lookup.com bar, etc...). i've tried deleting them, none have uninstall thing. Any suggestions?

AdAware may get rid of some of them, also look in add remove programs some of them should be there.

Paul

Originally posted by jtej
thanks for the link...now i have to do it.:(

on another note....how do i delete the annoying search bars in IE? ones such as (superbar, stbar, i-lookup.com bar, etc...). i've tried deleting them, none have uninstall thing. Any suggestions?

damn dude, do you download everything that popups?:confused:

Most of those "bars" will be in add/remove programs, but yet again there might be some registry hacks that will need to happen also.

If you dont have it already, www.ad-aware.com.

These are 2 free virus scanners, not protection programs.
housecall.antivirus.com
vil.nai.com/vil/stinger

later

also you may want to try Spybot..search and destroy.......seems to work fairly well.

Originally posted by zephead400ex
If you are running Win Me or XP, you will have to disable system restore.

Or follow the link that pbarr86 provided to remove it manually from your registry.
Any questions man, let me know.later

This is from the link in the other post:
---------------------------------------------------------------
For specific details on each of these steps, read the following instructions.
1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles.
----------------------------------------------------------------------
Thanks, I just learned something important about removing viruses from XP. Did not know system restore would not let outside programs change it, which really is a good idea come to think of it. Would not have thought of turning off system restore so the virus could be taken out of it.
I wonder if system restore should be turned off before a Spyware removal program or a virus scan (norton) is ran? Seems to me that it should be according to this article. I'll try it and see if it makes any difference.
Also, does this mean that if system restore is turned off, it can be changed by a outside program or application? Anyone know?

Originally posted by SGA
Thanks, I just learned something important about removing viruses from XP. Did not know system restore would not let outside programs change it, which really is a good idea come to think of it. Would not have thought of turning off system restore so the virus could be taken out of it.
I wonder if system restore should be turned off before a Spyware removal program or a virus scan (norton) is ran? Seems to me that it should be according to this article. I'll try it and see if it makes any difference.
Also, does this mean that if system restore is turned off, it can be changed by a outside program or application? Anyone know?

Actually, I have never even thought of disabling system restore before running a spyware remover. However, if the spyware program did have a problem removing the spyware because access is denied, the program [I]should[I] alert you of this.

Try it, then let me know how/if it works.

later

Just be glad you don't have the butt flu....:eek2: :eek2:

Originally posted by Rico
Just be glad you don't have the butt flu....:eek2: :eek2:

you got that there blaster virus!!!! haha:blah:

Originally posted by Rico
Just be glad you don't have the butt flu....:eek2: :eek2:
Isnt that the same as having the runs?:confused:

Originally posted by jtej
thanks for the link...now i have to do it.:(

on another note....how do i delete the annoying search bars in IE? ones such as (superbar, stbar, i-lookup.com bar, etc...). i've tried deleting them, none have uninstall thing. Any suggestions?

my computer is doing the same thing how do i get rid of the links in the address bar ?

Originally posted by tat900
my computer is doing the same thing how do i get rid of the links in the address bar ?

stop looking at porn.... they will time out.. lol


tools> internet options> content tab> auto complete button> clear forms and on the genral tab> clear history

atcually it wasint porn but thank you for the help ill try it as soon as i get home from work

Delete IE because all it does is gives u ads and spyware. Get Mozilla Firefox, i havent had a popup yet

well i did the auto complete and cleared history but its not clearing the bar . When i start to type the address its start coming up like it is attached somehow ?

is it a virus attached to the address bar ?

if you uncheck the boxes in the autocomplete area it should stop