bagle, downloader-FL, and others

Computer: an older Dell notebook

Ad-Aware: ran a few times. It gets all the way through, but finds things that it can't quarantine or delete. These things are:

C:\_Restore\Temp\A0161247.CPY
C:\_Restore\Temp\A0161249.CPY
C:\_Restore\Temp\A0161257.CPY
C:\_Restore\Temp\A0161261.CPY

... called Downloader-DH.b, BrowseEut, Downloader-FL, Downloader-FL, respectively

Then a whole BUNCH of W32/Bagle.j@MM things. I mean a couple hundred. All of the address were as follows:

C:\_Restore\Temp\A01612151.CPY,
C:\_Restore\Temp\A01612154.CPY,
C:\_Restore\Temp\A01612157.CPY, etc
etc, etc, adding 3 to the number each time
...
...
C:\_Restore\Temp\A01612457.CPY

All of these were called W32/Bagle.j@MM, and there is a few hundred of them.
Can't get them cleared out with Ad-Aware.

HijackThis will not download on my computer because I cannot download anything.

What's the plan of attack?
Thanks!

 

Hi jyodis,

AdAware is an anti-spyware program, not an antivirus although it can detect some files, but that's a bonus and not what it was made for. If all the infected files start with the C:\_Restore, then they are in your System Restore.

Since you haven't mentioned what your operating system is, I'll give you the link to read how to turn off your System Restore and clear the infected files out of it for a WinME computer, since I believe this is what you have:

WinME System Restore Instructions.

Just in case, I'll give you the link for an XP also:
XP System Restore Instructions.

Before you turn your System Restore back on, do a follow-up with an on-line virus scan to be sure nothing is left behind that might still be infected: Free Services

Then follow ALL steps and instructions here to post a hijackthis log (in this thread) so we can check it: HOW TO? Read here about how to post your log!!.

Regards,

snap