Find Files and Folders
Last response: in Windows 95/98/ME
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
Hi,
"*.RBO" is known as a worm extension. When I type in "*.RBO" to find files
with this extension I get no files found eventhough there are many files
with that extension.
Thanks
AJS
Hi,
"*.RBO" is known as a worm extension. When I type in "*.RBO" to find files
with this extension I get no files found eventhough there are many files
with that extension.
Thanks
AJS
More about : find files folders
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
What do you mean "even though there are many files with that extension"?
How do you know?
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> Hi,
> "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
files
> with this extension I get no files found eventhough there are many
files
> with that extension.
> Thanks
> AJS
>
>
>
What do you mean "even though there are many files with that extension"?
How do you know?
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> Hi,
> "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
files
> with this extension I get no files found eventhough there are many
files
> with that extension.
> Thanks
> AJS
>
>
>
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
I found these files by looking in folders in the Explorer window. Since I
don't
know how many and where there all are, I tried typing "*.rbo" in the find
files
and folders window. But none of these files showed up. To make sure I had
the
right extension I went to properties on one of these files.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| What do you mean "even though there are many files with that extension"?
| How do you know?
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > Hi,
| > "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
| files
| > with this extension I get no files found eventhough there are many
| files
| > with that extension.
| > Thanks
| > AJS
| >
| >
| >
|
I found these files by looking in folders in the Explorer window. Since I
don't
know how many and where there all are, I tried typing "*.rbo" in the find
files
and folders window. But none of these files showed up. To make sure I had
the
right extension I went to properties on one of these files.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| What do you mean "even though there are many files with that extension"?
| How do you know?
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > Hi,
| > "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
| files
| > with this extension I get no files found eventhough there are many
| files
| > with that extension.
| > Thanks
| > AJS
| >
| >
| >
|
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
Hi,
I am unable to find your post.
Can you help me finding it?
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| What do you mean "even though there are many files with that extension"?
| How do you know?
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > Hi,
| > "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
| files
| > with this extension I get no files found eventhough there are many
| files
| > with that extension.
| > Thanks
| > AJS
| >
| >
| >
|
Hi,
I am unable to find your post.
Can you help me finding it?
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| What do you mean "even though there are many files with that extension"?
| How do you know?
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > Hi,
| > "*.RBO" is known as a worm extension. When I type in "*.RBO" to find
| files
| > with this extension I get no files found eventhough there are many
| files
| > with that extension.
| > Thanks
| > AJS
| >
| >
| >
|
Related ressources
- Find Files or Folders broken - Forum
- How do I get Win98 style " find files or folders " in Window.. - Forum
- Find USERID for Last Modified files and folders - Forum
- Can't delete files/folders even though I am the owner/admin - Forum
- Vbscript to copy files with conditions (if folders exists) - Forum
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
I didn't reply to your post last night because I went to bed before you
replied to mine. And I slept in. (In the newsgroup, that is. Sorry if my
email wasn't clear. I intended for you to repeat your reply here after
sending me an email reply.)
See the links in my signature, especially the one on Security. You have
been infected with the Magistr.B worm virus. My guess is that you have a
lot more infestations to deal with, as well. You can find removal
instructions here:
http://securityresponse.symantec.com/avcenter/venc/data...
From what I read, your system *may* be irreparably damaged. This worm
included time-bomb like features. The sooner you deal with it, the
better. If you back up any files for safe keeping, be sure to scan them
for viruses before you try restoring them to any other system.
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
> Hi,
> I am unable to find your post.
> Can you help me finding it?
>
> "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
> | What do you mean "even though there are many files with that
extension"?
> | How do you know?
> |
> | --
> | Gary S. Terhune
> | MS MVP Shell/User
> | http://www.grystmill.com/articles/cleanboot.htm
> | http://www.grystmill.com/articles/security.htm
> |
> | "AJS" <newsgroup@sorga.com> wrote in message
> | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> | > Hi,
> | > "*.RBO" is known as a worm extension. When I type in "*.RBO" to
find
> | files
> | > with this extension I get no files found eventhough there are many
> | files
> | > with that extension.
> | > Thanks
> | > AJS
> | >
> | >
> | >
> |
>
>
I didn't reply to your post last night because I went to bed before you
replied to mine. And I slept in. (In the newsgroup, that is. Sorry if my
email wasn't clear. I intended for you to repeat your reply here after
sending me an email reply.)
See the links in my signature, especially the one on Security. You have
been infected with the Magistr.B worm virus. My guess is that you have a
lot more infestations to deal with, as well. You can find removal
instructions here:
http://securityresponse.symantec.com/avcenter/venc/data...
From what I read, your system *may* be irreparably damaged. This worm
included time-bomb like features. The sooner you deal with it, the
better. If you back up any files for safe keeping, be sure to scan them
for viruses before you try restoring them to any other system.
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
> Hi,
> I am unable to find your post.
> Can you help me finding it?
>
> "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
> | What do you mean "even though there are many files with that
extension"?
> | How do you know?
> |
> | --
> | Gary S. Terhune
> | MS MVP Shell/User
> | http://www.grystmill.com/articles/cleanboot.htm
> | http://www.grystmill.com/articles/security.htm
> |
> | "AJS" <newsgroup@sorga.com> wrote in message
> | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> | > Hi,
> | > "*.RBO" is known as a worm extension. When I type in "*.RBO" to
find
> | files
> | > with this extension I get no files found eventhough there are many
> | files
> | > with that extension.
> | > Thanks
> | > AJS
> | >
> | >
> | >
> |
>
>
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
Hi Gary,
Sorry about the confusion...
I did run a virus scan (Trend Micro) and ad-aware. Both times no infected
files were found. This is why I am deleting files manually. I noticed a lot
of these files (*.RBO) in the Windows-System folder. Before I deleted these
files I ran a search to get all the *.RBO files by going to "Start - Find -
Files or Folders..." In the "Named" box I typed "*.RBO", clicked on "find
now", Look in: (C![:)]( ":)")
.
No files were found... I also tried to be more specific with the search and
looked in "Windows - System", and still no such files were found.
What need I do so that "Start - Find -Files or Folders..." will find all the
*.RBO files on my "C" drive?
N.B. My system still runs fine until now.
Thank you.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
| I didn't reply to your post last night because I went to bed before you
| replied to mine. And I slept in. (In the newsgroup, that is. Sorry if my
| email wasn't clear. I intended for you to repeat your reply here after
| sending me an email reply.)
|
| See the links in my signature, especially the one on Security. You have
| been infected with the Magistr.B worm virus. My guess is that you have a
| lot more infestations to deal with, as well. You can find removal
| instructions here:
|
http://securityresponse.symantec.com/avcenter/venc/data...
|
| From what I read, your system *may* be irreparably damaged. This worm
| included time-bomb like features. The sooner you deal with it, the
| better. If you back up any files for safe keeping, be sure to scan them
| for viruses before you try restoring them to any other system.
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
| > Hi,
| > I am unable to find your post.
| > Can you help me finding it?
| >
| > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| > | What do you mean "even though there are many files with that
| extension"?
| > | How do you know?
| > |
| > | --
| > | Gary S. Terhune
| > | MS MVP Shell/User
| > | http://www.grystmill.com/articles/cleanboot.htm
| > | http://www.grystmill.com/articles/security.htm
| > |
| > | "AJS" <newsgroup@sorga.com> wrote in message
| > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > | > Hi,
| > | > "*.RBO" is known as a worm extension. When I type in "*.RBO" to
| find
| > | files
| > | > with this extension I get no files found eventhough there are many
| > | files
| > | > with that extension.
| > | > Thanks
| > | > AJS
| > | >
| > | >
| > | >
| > |
| >
| >
|
Hi Gary,
Sorry about the confusion...
I did run a virus scan (Trend Micro) and ad-aware. Both times no infected
files were found. This is why I am deleting files manually. I noticed a lot
of these files (*.RBO) in the Windows-System folder. Before I deleted these
files I ran a search to get all the *.RBO files by going to "Start - Find -
Files or Folders..." In the "Named" box I typed "*.RBO", clicked on "find
now", Look in: (C
.No files were found... I also tried to be more specific with the search and
looked in "Windows - System", and still no such files were found.
What need I do so that "Start - Find -Files or Folders..." will find all the
*.RBO files on my "C" drive?
N.B. My system still runs fine until now.
Thank you.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
| I didn't reply to your post last night because I went to bed before you
| replied to mine. And I slept in. (In the newsgroup, that is. Sorry if my
| email wasn't clear. I intended for you to repeat your reply here after
| sending me an email reply.)
|
| See the links in my signature, especially the one on Security. You have
| been infected with the Magistr.B worm virus. My guess is that you have a
| lot more infestations to deal with, as well. You can find removal
| instructions here:
|
http://securityresponse.symantec.com/avcenter/venc/data...
|
| From what I read, your system *may* be irreparably damaged. This worm
| included time-bomb like features. The sooner you deal with it, the
| better. If you back up any files for safe keeping, be sure to scan them
| for viruses before you try restoring them to any other system.
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
| > Hi,
| > I am unable to find your post.
| > Can you help me finding it?
| >
| > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| > | What do you mean "even though there are many files with that
| extension"?
| > | How do you know?
| > |
| > | --
| > | Gary S. Terhune
| > | MS MVP Shell/User
| > | http://www.grystmill.com/articles/cleanboot.htm
| > | http://www.grystmill.com/articles/security.htm
| > |
| > | "AJS" <newsgroup@sorga.com> wrote in message
| > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > | > Hi,
| > | > "*.RBO" is known as a worm extension. When I type in "*.RBO" to
| find
| > | files
| > | > with this extension I get no files found eventhough there are many
| > | files
| > | > with that extension.
| > | > Thanks
| > | > AJS
| > | >
| > | >
| > | >
| > |
| >
| >
|
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
I can't tell you, specifically, what you need to do to enable Find to
locate those files. My guess is that a Registry hack similar to a Policy
is responsible. Might try running REGEDIT and doing a search on that
file extension. Have you tried searching on just RBO, not on *.RBO. Or
other variations like *BO or *RBO, or even just *O
But I can almost guarantee you that the virus is present, and it's
probably quite capable of stopping the usual antivirus apps from
detecting or removing it. Which is why I pointed you to the removal
tool. Might want to try doing these things in Safe Mode, though I'm not
certain it will help much.
Anti-spyware apps are useless against this intruder. As are most normal
AV apps, once the virus actually infects the system. I get hits from my
ETrust AV all the time on this virus, but that's *before* it actually
makes it into the system, usually before the email that carries it even
gets opened. More involved methods would include using another machine
to download F-Prot for DOS, along with current definitions, then burn
them all to a bootable CD made using an ISO image of a Windows Startup
disk. But I can't say for sure that this would do the trick. Please try
the removal tool I pointed you to at Symantec.
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news![:o]( ":o")
JZvqhNOFHA.2384@tk2msftngp13.phx.gbl...
> Hi Gary,
> Sorry about the confusion...
>
> I did run a virus scan (Trend Micro) and ad-aware. Both times no
infected
> files were found. This is why I am deleting files manually. I noticed
a lot
> of these files (*.RBO) in the Windows-System folder. Before I deleted
these
> files I ran a search to get all the *.RBO files by going to "Start -
Find -
> Files or Folders..." In the "Named" box I typed "*.RBO", clicked on
"find
> now", Look in: (C![:)]( ":)")
.
> No files were found... I also tried to be more specific with the
search and
> looked in "Windows - System", and still no such files were found.
>
> What need I do so that "Start - Find -Files or Folders..." will find
all the
> *.RBO files on my "C" drive?
> N.B. My system still runs fine until now.
> Thank you.
>
> "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
> | I didn't reply to your post last night because I went to bed before
you
> | replied to mine. And I slept in. (In the newsgroup, that is. Sorry
if my
> | email wasn't clear. I intended for you to repeat your reply here
after
> | sending me an email reply.)
> |
> | See the links in my signature, especially the one on Security. You
have
> | been infected with the Magistr.B worm virus. My guess is that you
have a
> | lot more infestations to deal with, as well. You can find removal
> | instructions here:
> |
>
http://securityresponse.symantec.com/avcenter/venc/data...
> |
> | From what I read, your system *may* be irreparably damaged. This
worm
> | included time-bomb like features. The sooner you deal with it, the
> | better. If you back up any files for safe keeping, be sure to scan
them
> | for viruses before you try restoring them to any other system.
> |
> | --
> | Gary S. Terhune
> | MS MVP Shell/User
> | http://www.grystmill.com/articles/cleanboot.htm
> | http://www.grystmill.com/articles/security.htm
> |
> | "AJS" <newsgroup@sorga.com> wrote in message
> | news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
> | > Hi,
> | > I am unable to find your post.
> | > Can you help me finding it?
> | >
> | > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> | > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
> | > | What do you mean "even though there are many files with that
> | extension"?
> | > | How do you know?
> | > |
> | > | --
> | > | Gary S. Terhune
> | > | MS MVP Shell/User
> | > | http://www.grystmill.com/articles/cleanboot.htm
> | > | http://www.grystmill.com/articles/security.htm
> | > |
> | > | "AJS" <newsgroup@sorga.com> wrote in message
> | > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> | > | > Hi,
> | > | > "*.RBO" is known as a worm extension. When I type in "*.RBO"
to
> | find
> | > | files
> | > | > with this extension I get no files found eventhough there are
many
> | > | files
> | > | > with that extension.
> | > | > Thanks
> | > | > AJS
> | > | >
> | > | >
> | > | >
> | > |
> | >
> | >
> |
>
>
I can't tell you, specifically, what you need to do to enable Find to
locate those files. My guess is that a Registry hack similar to a Policy
is responsible. Might try running REGEDIT and doing a search on that
file extension. Have you tried searching on just RBO, not on *.RBO. Or
other variations like *BO or *RBO, or even just *O
But I can almost guarantee you that the virus is present, and it's
probably quite capable of stopping the usual antivirus apps from
detecting or removing it. Which is why I pointed you to the removal
tool. Might want to try doing these things in Safe Mode, though I'm not
certain it will help much.
Anti-spyware apps are useless against this intruder. As are most normal
AV apps, once the virus actually infects the system. I get hits from my
ETrust AV all the time on this virus, but that's *before* it actually
makes it into the system, usually before the email that carries it even
gets opened. More involved methods would include using another machine
to download F-Prot for DOS, along with current definitions, then burn
them all to a bootable CD made using an ISO image of a Windows Startup
disk. But I can't say for sure that this would do the trick. Please try
the removal tool I pointed you to at Symantec.
--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm
"AJS" <newsgroup@sorga.com> wrote in message
news
JZvqhNOFHA.2384@tk2msftngp13.phx.gbl...> Hi Gary,
> Sorry about the confusion...
>
> I did run a virus scan (Trend Micro) and ad-aware. Both times no
infected
> files were found. This is why I am deleting files manually. I noticed
a lot
> of these files (*.RBO) in the Windows-System folder. Before I deleted
these
> files I ran a search to get all the *.RBO files by going to "Start -
Find -
> Files or Folders..." In the "Named" box I typed "*.RBO", clicked on
"find
> now", Look in: (C
.> No files were found... I also tried to be more specific with the
search and
> looked in "Windows - System", and still no such files were found.
>
> What need I do so that "Start - Find -Files or Folders..." will find
all the
> *.RBO files on my "C" drive?
> N.B. My system still runs fine until now.
> Thank you.
>
> "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
> | I didn't reply to your post last night because I went to bed before
you
> | replied to mine. And I slept in. (In the newsgroup, that is. Sorry
if my
> | email wasn't clear. I intended for you to repeat your reply here
after
> | sending me an email reply.)
> |
> | See the links in my signature, especially the one on Security. You
have
> | been infected with the Magistr.B worm virus. My guess is that you
have a
> | lot more infestations to deal with, as well. You can find removal
> | instructions here:
> |
>
http://securityresponse.symantec.com/avcenter/venc/data...
> |
> | From what I read, your system *may* be irreparably damaged. This
worm
> | included time-bomb like features. The sooner you deal with it, the
> | better. If you back up any files for safe keeping, be sure to scan
them
> | for viruses before you try restoring them to any other system.
> |
> | --
> | Gary S. Terhune
> | MS MVP Shell/User
> | http://www.grystmill.com/articles/cleanboot.htm
> | http://www.grystmill.com/articles/security.htm
> |
> | "AJS" <newsgroup@sorga.com> wrote in message
> | news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
> | > Hi,
> | > I am unable to find your post.
> | > Can you help me finding it?
> | >
> | > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
> | > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
> | > | What do you mean "even though there are many files with that
> | extension"?
> | > | How do you know?
> | > |
> | > | --
> | > | Gary S. Terhune
> | > | MS MVP Shell/User
> | > | http://www.grystmill.com/articles/cleanboot.htm
> | > | http://www.grystmill.com/articles/security.htm
> | > |
> | > | "AJS" <newsgroup@sorga.com> wrote in message
> | > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
> | > | > Hi,
> | > | > "*.RBO" is known as a worm extension. When I type in "*.RBO"
to
> | find
> | > | files
> | > | > with this extension I get no files found eventhough there are
many
> | > | files
> | > | > with that extension.
> | > | > Thanks
> | > | > AJS
> | > | >
> | > | >
> | > | >
> | > |
> | >
> | >
> |
>
>
Archived from groups: microsoft.public.win98.gen_discussion (More info?)
I did run the Symantec removal tool. Again, nothing was found. I ran a
search for *.exe files looked in its folder and about 90% of these files
have a file with the same file name but a ".RBO" extension in the same
folder. I deleted them all (took me hours). What a nasty worm...
Also, I searched the registry for the RBO extension but there were none.
Thanks for your help.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news![:o]( ":o")
WkMwmOOFHA.576@TK2MSFTNGP15.phx.gbl...
| I can't tell you, specifically, what you need to do to enable Find to
| locate those files. My guess is that a Registry hack similar to a Policy
| is responsible. Might try running REGEDIT and doing a search on that
| file extension. Have you tried searching on just RBO, not on *.RBO. Or
| other variations like *BO or *RBO, or even just *O
|
| But I can almost guarantee you that the virus is present, and it's
| probably quite capable of stopping the usual antivirus apps from
| detecting or removing it. Which is why I pointed you to the removal
| tool. Might want to try doing these things in Safe Mode, though I'm not
| certain it will help much.
|
| Anti-spyware apps are useless against this intruder. As are most normal
| AV apps, once the virus actually infects the system. I get hits from my
| ETrust AV all the time on this virus, but that's *before* it actually
| makes it into the system, usually before the email that carries it even
| gets opened. More involved methods would include using another machine
| to download F-Prot for DOS, along with current definitions, then burn
| them all to a bootable CD made using an ISO image of a Windows Startup
| disk. But I can't say for sure that this would do the trick. Please try
| the removal tool I pointed you to at Symantec.
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news![:o]( ":o")
JZvqhNOFHA.2384@tk2msftngp13.phx.gbl...
| > Hi Gary,
| > Sorry about the confusion...
| >
| > I did run a virus scan (Trend Micro) and ad-aware. Both times no
| infected
| > files were found. This is why I am deleting files manually. I noticed
| a lot
| > of these files (*.RBO) in the Windows-System folder. Before I deleted
| these
| > files I ran a search to get all the *.RBO files by going to "Start -
| Find -
| > Files or Folders..." In the "Named" box I typed "*.RBO", clicked on
| "find
| > now", Look in: (C![:)]( ":)")
.
| > No files were found... I also tried to be more specific with the
| search and
| > looked in "Windows - System", and still no such files were found.
| >
| > What need I do so that "Start - Find -Files or Folders..." will find
| all the
| > *.RBO files on my "C" drive?
| > N.B. My system still runs fine until now.
| > Thank you.
| >
| > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
| > | I didn't reply to your post last night because I went to bed before
| you
| > | replied to mine. And I slept in. (In the newsgroup, that is. Sorry
| if my
| > | email wasn't clear. I intended for you to repeat your reply here
| after
| > | sending me an email reply.)
| > |
| > | See the links in my signature, especially the one on Security. You
| have
| > | been infected with the Magistr.B worm virus. My guess is that you
| have a
| > | lot more infestations to deal with, as well. You can find removal
| > | instructions here:
| > |
| >
|
http://securityresponse.symantec.com/avcenter/venc/data...
| > |
| > | From what I read, your system *may* be irreparably damaged. This
| worm
| > | included time-bomb like features. The sooner you deal with it, the
| > | better. If you back up any files for safe keeping, be sure to scan
| them
| > | for viruses before you try restoring them to any other system.
| > |
| > | --
| > | Gary S. Terhune
| > | MS MVP Shell/User
| > | http://www.grystmill.com/articles/cleanboot.htm
| > | http://www.grystmill.com/articles/security.htm
| > |
| > | "AJS" <newsgroup@sorga.com> wrote in message
| > | news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
| > | > Hi,
| > | > I am unable to find your post.
| > | > Can you help me finding it?
| > | >
| > | > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > | > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| > | > | What do you mean "even though there are many files with that
| > | extension"?
| > | > | How do you know?
| > | > |
| > | > | --
| > | > | Gary S. Terhune
| > | > | MS MVP Shell/User
| > | > | http://www.grystmill.com/articles/cleanboot.htm
| > | > | http://www.grystmill.com/articles/security.htm
| > | > |
| > | > | "AJS" <newsgroup@sorga.com> wrote in message
| > | > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > | > | > Hi,
| > | > | > "*.RBO" is known as a worm extension. When I type in "*.RBO"
| to
| > | find
| > | > | files
| > | > | > with this extension I get no files found eventhough there are
| many
| > | > | files
| > | > | > with that extension.
| > | > | > Thanks
| > | > | > AJS
| > | > | >
| > | > | >
| > | > | >
| > | > |
| > | >
| > | >
| > |
| >
| >
|
I did run the Symantec removal tool. Again, nothing was found. I ran a
search for *.exe files looked in its folder and about 90% of these files
have a file with the same file name but a ".RBO" extension in the same
folder. I deleted them all (took me hours). What a nasty worm...
Also, I searched the registry for the RBO extension but there were none.
Thanks for your help.
"Gary S. Terhune" <grystnews@mvps.org> wrote in message
news
WkMwmOOFHA.576@TK2MSFTNGP15.phx.gbl...| I can't tell you, specifically, what you need to do to enable Find to
| locate those files. My guess is that a Registry hack similar to a Policy
| is responsible. Might try running REGEDIT and doing a search on that
| file extension. Have you tried searching on just RBO, not on *.RBO. Or
| other variations like *BO or *RBO, or even just *O
|
| But I can almost guarantee you that the virus is present, and it's
| probably quite capable of stopping the usual antivirus apps from
| detecting or removing it. Which is why I pointed you to the removal
| tool. Might want to try doing these things in Safe Mode, though I'm not
| certain it will help much.
|
| Anti-spyware apps are useless against this intruder. As are most normal
| AV apps, once the virus actually infects the system. I get hits from my
| ETrust AV all the time on this virus, but that's *before* it actually
| makes it into the system, usually before the email that carries it even
| gets opened. More involved methods would include using another machine
| to download F-Prot for DOS, along with current definitions, then burn
| them all to a bootable CD made using an ISO image of a Windows Startup
| disk. But I can't say for sure that this would do the trick. Please try
| the removal tool I pointed you to at Symantec.
|
| --
| Gary S. Terhune
| MS MVP Shell/User
| http://www.grystmill.com/articles/cleanboot.htm
| http://www.grystmill.com/articles/security.htm
|
| "AJS" <newsgroup@sorga.com> wrote in message
| news
JZvqhNOFHA.2384@tk2msftngp13.phx.gbl...| > Hi Gary,
| > Sorry about the confusion...
| >
| > I did run a virus scan (Trend Micro) and ad-aware. Both times no
| infected
| > files were found. This is why I am deleting files manually. I noticed
| a lot
| > of these files (*.RBO) in the Windows-System folder. Before I deleted
| these
| > files I ran a search to get all the *.RBO files by going to "Start -
| Find -
| > Files or Folders..." In the "Named" box I typed "*.RBO", clicked on
| "find
| > now", Look in: (C
.| > No files were found... I also tried to be more specific with the
| search and
| > looked in "Windows - System", and still no such files were found.
| >
| > What need I do so that "Start - Find -Files or Folders..." will find
| all the
| > *.RBO files on my "C" drive?
| > N.B. My system still runs fine until now.
| > Thank you.
| >
| > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > news:unCCZiHOFHA.1476@TK2MSFTNGP09.phx.gbl...
| > | I didn't reply to your post last night because I went to bed before
| you
| > | replied to mine. And I slept in. (In the newsgroup, that is. Sorry
| if my
| > | email wasn't clear. I intended for you to repeat your reply here
| after
| > | sending me an email reply.)
| > |
| > | See the links in my signature, especially the one on Security. You
| have
| > | been infected with the Magistr.B worm virus. My guess is that you
| have a
| > | lot more infestations to deal with, as well. You can find removal
| > | instructions here:
| > |
| >
|
http://securityresponse.symantec.com/avcenter/venc/data...
| > |
| > | From what I read, your system *may* be irreparably damaged. This
| worm
| > | included time-bomb like features. The sooner you deal with it, the
| > | better. If you back up any files for safe keeping, be sure to scan
| them
| > | for viruses before you try restoring them to any other system.
| > |
| > | --
| > | Gary S. Terhune
| > | MS MVP Shell/User
| > | http://www.grystmill.com/articles/cleanboot.htm
| > | http://www.grystmill.com/articles/security.htm
| > |
| > | "AJS" <newsgroup@sorga.com> wrote in message
| > | news:e2fOYYHOFHA.904@tk2msftngp13.phx.gbl...
| > | > Hi,
| > | > I am unable to find your post.
| > | > Can you help me finding it?
| > | >
| > | > "Gary S. Terhune" <grystnews@mvps.org> wrote in message
| > | > news:ePOw4bAOFHA.2356@TK2MSFTNGP14.phx.gbl...
| > | > | What do you mean "even though there are many files with that
| > | extension"?
| > | > | How do you know?
| > | > |
| > | > | --
| > | > | Gary S. Terhune
| > | > | MS MVP Shell/User
| > | > | http://www.grystmill.com/articles/cleanboot.htm
| > | > | http://www.grystmill.com/articles/security.htm
| > | > |
| > | > | "AJS" <newsgroup@sorga.com> wrote in message
| > | > | news:enR$APAOFHA.4000@TK2MSFTNGP10.phx.gbl...
| > | > | > Hi,
| > | > | > "*.RBO" is known as a worm extension. When I type in "*.RBO"
| to
| > | find
| > | > | files
| > | > | > with this extension I get no files found eventhough there are
| many
| > | > | files
| > | > | > with that extension.
| > | > | > Thanks
| > | > | > AJS
| > | > | >
| > | > | >
| > | > | >
| > | > |
| > | >
| > | >
| > |
| >
| >
|
Related ressources:
- Forumhow to launch "search find files or folders " from command ..
- ForumWhat is the easiest way to extract files from their folders ?
- ForumFinding total number of Folders and Files on C: drive
- ForumFolders/Files gone from HDD
- ForumWindows 7 search residual files and folders
- ForumMoving files within folders
- ForumReset Password and then my Files and folders on the desktop are all..gone.
- Forum3 Outlook pst files in two different folders - can't figur..
- ForumMissing Desktop Folders/Files [Please Help]
- Forum"NTLDR is missing" windows 95
- ForumActiveX & Downloaded Progam files?
- ForumWhere is the list of applications for untyped files?
- ForumLost "New" and "Find" in Windows Explorer's right-click me..
- Forum(.SWF )files. What device/application is used for these fi..
- Forumbacking up files
- More resources
!
