Results 1 to 12 of 12

Thread: WinME & Viruses

  1. #1
    2 Star Lounger
    Join Date
    Mar 2001
    Location
    Pa, Pennsylvania, USA
    Posts
    122
    Thanks
    0
    Thanked 0 Times in 0 Posts

    WinME & Viruses

    Hello All. I did a dumb move and let someone use my computer when I was not around. A couple of days later when the virus scanner ran, it picked up a Dialer Virus. I cleaned the system and thought everything was OK. A week later, when the scanner was running again, it found the same virus (dialer...something). Actually it says I have four(4). I have tracked down the problem to a "back up" file that seems to be part of the WinME operating system. The files begin with [Axxxxxx.cpy] I believe these are the files used to "restore" you computer back to "normal" after a crash. I have recovered, many times, using this method. It Works !!
    I can not get rid of the [A.....cpy] files because they evidently are being used whenever the system is operating. Each time the virus scanner rund (AVG) it finds the virus in those files. The virus scanner can not move or delete them either.
    I figure the only way to delete these files would be to shut off the program that is writing to this file. Problem here is I don't know which one is the culprit. I have a nice program called "End It All" which can shut down anything, so if someone knows which program let me know.
    OR....anyone know how to get rid of the files ?
    Thanks,

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: WinME & Viruses

    Check if Start | Programs | Startup contains suspect entries.
    Check in RegEdit if there are suspect entries in HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVe rsionRun and HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentV ersionRun.

    Keep the Ctrl key down while starting the PC (or press F8 while starting). This should display the Windows Millennium Edition startup menu. Start in DOS mode; you should be able to delete the offending files.

  3. #3
    2 Star Lounger
    Join Date
    Mar 2001
    Location
    Pa, Pennsylvania, USA
    Posts
    122
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Hans,
    Well, I could not get to the DOS prompt from the start menu like you were suggesting. There is no Start in DOS mode listed.
    I used my End It All program and stopped the PC Health etc, from running. I went into My Computer, Properties, Performance tab, File system button, Troubleshooting Tab and checked the Disable System Restore. After re-booting, the back up files were gone. Only problem is that many other things are not working now too. I am in the process of trying to put back everything including Office 2000.
    Thanks for your suggestions. I also am having sticky keys now....any idea ?

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: WinME & Viruses

    I don't have WinME myself, so better wait for someone who knows what (s)he's talking about <img src=/S/grin.gif border=0 alt=grin width=15 height=15>.

  5. #5
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Hi Tim

    Regarding DOS......
    To use TRUE DOS on a computer with ME installed, you will have to boot from a floppy disk that contains DOS, including all the DOS programs you are likely to need. If you can get ahold of a Windows 98 Emergency Boot Disk , it should work. Set the Write Protect tab on the floppy before using it.

    Otherwise......
    Download Hijack This, run it and save the log as a txt file.
    Post the txt log on Net-Integration's Browser Hijacking Forum with a brief explanation of your problem. Hopefully they will be able to help.

    Or......
    Your could post your problem on the Annoyances ME Forum

    I hope some of this helps ... <img src=/S/smile.gif border=0 alt=smile width=15 height=15> ... Good luck!!!

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  6. #6
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Hi again

    A program that I just started playing with might help find out what and where the offending application is ..... Faber Toys.
    Should be worth checking out anyway......

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  7. #7
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    OK........

    Maybe try this FIRST.....
    Download, run (Update the data files before scanning) and scan your drive with Spybot S&D.
    When the scan is done, check anything suspicious and tell Spybot S&D to "Fix" them.

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  8. #8
    2 Star Lounger
    Join Date
    Mar 2001
    Location
    Pa, Pennsylvania, USA
    Posts
    122
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Ken, I have and have used Spybot and the other one too (AdAware). I use them regularly.
    Thanks,

  9. #9
    New Lounger
    Join Date
    Nov 2002
    Location
    Melbourne, Victoria, Australia
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    The discussion in this thread relates to System Restore files infected with a virus. In my case I have four AO....files located in the C:Program FilesInternet ExplorerTemp folder, and I have not found a way to delete them They are all infected with the Trojan Backdoor.Berbew.

    How does one delete System Restore files, especially Temporary ones?

  10. #10
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Hi Alan

    There are instructions about 2/3 of the down this Symantecpage. (You have to disable System Restore).

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  11. #11
    New Lounger
    Join Date
    Nov 2002
    Location
    Melbourne, Victoria, Australia
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Edited by Bigaldoc to add URL code.[/i] See the Quick Guide.

    Many thanks for your rapid response. I found the step-by-step procedure at this link and my computer is now clean again! I have to acknowledge the wonderful help from yourself, from Woody's Lounge and indeed Symantec for most viral matters!

  12. #12
    Uranium Lounger
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio, USA
    Posts
    7,089
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: WinME & Viruses

    Well, Symantec may not care, but we all sure do! Glad to hear it's fixed.
    -Mark

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •