Backdoor.agent.ba ----- Malke
From: greg (anonymous_at_discussions.microsoft.com)
Date: 08/07/04
- Next message: HDM: "FIREWALL QUESTION"
- Previous message: David H. Lipman: "Re: ANET COMPUTER SELLS INFECTED COMPUTERS !"
- Next in thread: Malke: "Re: Backdoor.agent.ba ----- Malke"
- Reply: Malke: "Re: Backdoor.agent.ba ----- Malke"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 6 Aug 2004 21:38:43 -0700
Malke,
Thank You for the advice you sent on eliminating my
problem.
I do appreciate your time.
I hope you will have patience and explain your
comment "delete the culprit"
The file that keeps showing up in my error message is
c:\winnt\system32\reseifn.dll
Do you mean to delete this file while in safe mode?
Can I just delete a .dll file in safe mode without messing
up my system?
Thank you again for you assistance.
Greg
*Original message*
I have a nagging problem that will not go away. Every few
> seconds a small widow pops up from "AVG resident shield"
> that says I have a VIRUS Trojan horse "backdoor.agent.BA"
> in file C:\winnt\system32\reseifn.dll.
> I am running Windows 2000 Professional. I have also been
> running norton antivirus software for several years.
> Norton initially told me I had a similiar virus and I
> scanned to remove/quarantine. Norton found no virus. I
> than downloaded a free copy of software from AVG. Now i
> get the message popping up from AVG rather than
> Norton.When I scan my entire system with Norton it does
> not find any problems
> I have run an AVG program called vcleaner in safe mode
but
> i continue to get the AVG virus found message.
> I am not an expert at this stuff can anyone tell me how
to
> get rid of this message that keeps popping up???
> I do keep Norton upgraded with new virus definitios about
> once per week. I also try to keed up with the Microsoft
> patches.Also AVG tells me I now have a java/BYTEverify
> virus
> when I do a full sytem scan. But norton does not find
> anything.
>
> Haus suggested some fixes that do not appear to work on
> WINDOWS 2000 SYSTEMS(stinger,spy sweeper), Haus thanks
for
> the suggestions.
Hi, Greg. Go into Safe Mode, make sure you have set the
system to show
all hidden files (Folder Options), and delete the culprit.
Also scan
your system for spyware, as follows (and I know for a fact
that all of
these work just fine in Win2k):
Remove spyware with Spybot Search & Destroy from
www.safer-networking.org and Ad-aware from
www.lavasoftusa.com. Be sure
to update these programs before running them. These
programs are free,
so run them both since they complement each other. It is
best to run
antivirus and spyware removal tools in Safe Mode. You may
also want to
run CWShredder and HijackThis from
http://aumha.org/freeware.htm.
Although CWShredder is no longer being updated, it will
still clean
older variants of the CoolWebSearch malware. Please read
the
instructions carefully. Also, make sure you've visited
Windows Update
and applied all security patches. Do not install driver
updates from
Windows Update. Make sure you are running a firewall.
Cheers,
Malke
--
- Next message: HDM: "FIREWALL QUESTION"
- Previous message: David H. Lipman: "Re: ANET COMPUTER SELLS INFECTED COMPUTERS !"
- Next in thread: Malke: "Re: Backdoor.agent.ba ----- Malke"
- Reply: Malke: "Re: Backdoor.agent.ba ----- Malke"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
