Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Expl_wmf.gen , Trend-micro Can't Delete It, How Do I Clean It?


  • Please log in to reply
3 replies to this topic

#1 Guest_bg fun_*

Guest_bg fun_*

  • Guests
  • OFFLINE
  •  

Posted 16 February 2006 - 07:22 PM

that it calls TROJ_NASCENE.D and EXPL_WMF.GEN . Trend Micro informed me that the "quarrantine" worked for the former, but not for the latter, so I went into the appropriate directory and deleted that xml/wmf file."

How do you get to the appropriate directory and delete the EXPL_WMF.GEN file?

I've been trying to figure this thing out for hours......need help.

So EXPL_WMF.GEN .... What do I do?

Edited by bg fun, 16 February 2006 - 07:23 PM.


BC AdBot (Login to Remove)

 


#2 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada

Posted 16 February 2006 - 09:44 PM

EXPL_WMF.GEN most likely is the name of the exploit and what you deleted is the exploit itself. This is a Windows vulnerability that has since been fixed with a patch available from Windows Update, so you should be sure you have all your updates. To be sure the exploit is gone try getting a second opinion with one of these on-line scans.

Panda's ActiveScan
F-Secure Virus Scan

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#3 Guest_bg fun_*

Guest_bg fun_*

  • Guests
  • OFFLINE
  •  

Posted 16 February 2006 - 10:41 PM

EXPL_WMF.GEN most likely is the name of the exploit and what you deleted is the exploit itself. This is a Windows vulnerability that has since been fixed with a patch available from Windows Update, so you should be sure you have all your updates. To be sure the exploit is gone try getting a second opinion with one of these on-line scans.

Panda's ActiveScan
F-Secure Virus Scan


That first paragraph isn't me, I'm still trying to figure out how to delete it. I'm not sure if I got it or not.

"How do you get to the appropriate directory and delete the EXPL_WMF.GEN file?"

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:20 AM

Posted 17 February 2006 - 01:25 PM

Hi bg fun
You might like to try to run the TrendMicro scan in safe mode. You can learn how to so here. You should also make sure that not only the operating system is up-to-date, but allso the TrendMicro anitvirus itself.
Try both those things and let us know what happens.
David




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users