« previous next »
Pages: [1]   Go Down

Author Topic: virus not found  (Read 2732 times)

0 Members and 1 Guest are viewing this topic.

lulam

  • Guest
virus not found
« on: April 28, 2005, 02:56:38 PM »
Windows98
Avast 4.6
database 0517-2
I ran Avast but there is still a virus on my computer. I can't run msconfig or system information.
Doing a "find" on today's date give me 2 files related to virii: norat and fo(o with squiggly on top). They can't be deleted so I booted into DOS and deleted them but they're back after a re-boot.  From googling, I'm coming up with a Troj/Norat-A or TrojanProxy.Win32.Mitglieder.bz or  TROJ_MTGLDR.F but I'm not coming up with any manual removal info.
Any help would be appreciated. Thank you
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: virus not found
« Reply #1 on: April 28, 2005, 03:03:24 PM »
If you download and run avast! Virus Cleaner (http://www.avast.com/files/eng/aswclnr.exe), will it help?
It will be good run a SpyBot and Ad-aware scannings too.
What is the path of the infected files?
Logged
The best things in life are free.

lulam

  • Guest
Re: virus not found
« Reply #2 on: April 28, 2005, 03:21:55 PM »
norat and fo(o) are in c:\windows\system folder. According to Zonealarm
Quote
To infect a machine, the trojan copies itself to %System%\Winerdir.exe before dropping two DLL files. These file have been identified as:

%System%\foõ.exe (26,112 bytes) and %System%\norat.exe (1,536 bytes).
I can't find the "winerdir.exe" file
 I've run adaware and it also did not detect the virus

edit:
After running avast! Virus Cleaner
"avast! Virus Cleaner Tool - version 1.0.207 Ansi

Creating log file: C:\MY DOWNLOADS\aswclnr.log

4/28/05, 9:22:56 AM
Memory scanning started...
No virus body found in memory.
Memory scanning finished (82.8s).
----------
Files scanning started...
No virus body found.
Files scanning finished  (73223 files, 0 infected, 891.4s).
Drives scanned: C:"
----------
« Last Edit: April 28, 2005, 03:49:57 PM by lulam »
Logged

lulam

  • Guest
Re: virus not found
« Reply #3 on: April 29, 2005, 06:28:05 PM »
I got rid of the virus by continually hitting "control/alt/delete" during startup and closing all programs except systray and explorer. I went thru the process 3 times and on the third try, I stopped  2 <unknown>  processes from running. I was then able to get into msconfig and unchecked all the programs I knew were not needed by windows. I re-booted and everything worked fine. From here,  I think keydr.exe in msconfig was the virus. I then went back to msconfig and re-checked various programs and so far everything is normal.
Logged

Red_Dog

  • Guest
Re: virus not found
« Reply #4 on: June 26, 2005, 09:32:49 PM »
That sounds too hard to do. I too have some odd virus that will not let me into windows. Some message about not being able to flush or load the system registrary. Then it reboots automattically. I end up with at some point my login screen where you click on user, then it asks for a password! I don't have a password setup!!. I then run in safe mode and launch Avast. After about 4 hours it tells me it found nothing! ;-(  I'm thinking I've lost and I don't have any choice but to do a complete reformat of the hard disk. :-( :-X :-\ :-* :'( >:(
Logged
Pages: [1]   Go Up
« previous next »