Hi, one of our colleagues has managed to infect his laptop with w32/yahlover. We have the appropriate DAT for Mcafee but the worm disables MC from running. (our network machines have the common framework for mcafee stored locally, and mcshield and the rest are located on our network) Obviously we don't want to connect to the network to try and get Mcafee running, incase others are infected.
Does anyone have any ideas how we can remove it manually? Enabling task manager, cmd, etc?
I've tried copying regedit.exe as regedit.com and opening it and editing it but had no joy.
Any help would be appreciated.
Thanks.
Does anyone have any ideas how we can remove it manually? Enabling task manager, cmd, etc?
I've tried copying regedit.exe as regedit.com and opening it and editing it but had no joy.
Any help would be appreciated.
Thanks.