Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Help Needed Please...


  • Please log in to reply
3 replies to this topic

#1 brandster

brandster

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:43 AM

Posted 06 November 2004 - 11:25 PM

Oops - I just posted this in Breaking Virus News - think maybe it should've gone here. My apologies - I am new at this...

I'm having troubles trying to delete viruses from my computer & am hoping someone can please help me.

I have run Housecall & Panda. Panda claims my system is clean, but Housecall has found viruses which I can't delete. I've also run a security service from my internet provider - Telus (Canada).

This is what I'm finding:

W32/Mitglieder.AM
W32/Ncase.A@spy
W32/Jeemp.B
W32/Betterl.A@bd
W32/Inor.G@troj

I also have other viruses which are "security risks or backdoor programs" - no names provided.

Please help - how do I delete these???

Thanks so much for any help you can provide.

brandster

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:43 AM

Posted 07 November 2004 - 06:45 PM

Where are these files located and what are their names?

#3 brandster

brandster
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:43 AM

Posted 07 November 2004 - 08:55 PM

The files are on my hard drive ©.

My telus virus scan shows following 30 infected files:

c:\_RESTORE\ARCHIVE\FS118.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS152.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS171.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS179.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS215.CAB (security risk or "backdoor"
program)
c:\_RESTORE\ARCHIVE\FS217.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS220.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS237.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS264.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS28.CAB (W32/Ncase.A@spy)
c:\_RESTORE\ARCHIVE\FS315.CAB (W32/Jeemp.B; W32/Betterl.A@bd; security risk or "backdoor" program)
c:\_RESTORE\ARCHIVE\FS41.CAB (security risk or "backdoor" program)
c:\_RESTORE\ARCHIVE\FS47.CAB (W32/Inor.G@troj)
c:\_RESTORE\ARCHIVE\FS51.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS53.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS57.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS58.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS59.CAB (W32/Inor.G@troj)
c:\_RESTORE\ARCHIVE\FS67.CAB (W32/Mitglieder.AM)
c:\_RESTORE\ARCHIVE\FS98.CAB (W32/Mitglieder.AM)
c:\_RESTORE\TEMP\A0164639.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0164640.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0164647.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0164648.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165884.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165885.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165887.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165915.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165917.CPY (W32/Inor.G@troj)
c:\_RESTORE\TEMP\A0165919.CPY (W32/Inor.G@troj)

Housecall scan shows following infected files:
c:\_RESTORE\ARCHIVE\FS53.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS58.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS57.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS67.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS51.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS118.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS105.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS98.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS152.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS171.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS179.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS220.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS217.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS237.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS264.C (troj mitgliedr.o & worm bagel.l)
c:\_RESTORE\ARCHIVE\FS215.C (bkdr ruledor.e)
c:\_RESTORE\ARCHIVE\FS315.C (bkdr ruledor.e; jeemp.c)

All of these can't be cleaned or deleted....

Help!!!

Thank you very much!!!!

brandster

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:43 AM

Posted 07 November 2004 - 09:25 PM

Disable and Enable System Restore.[/color] - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide

Renable system restore with instructions from tutorial above




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users