Help! I have a virus that my McAfee program couldn't zap!

Discussion in 'malware problems & news' started by RCGuy, Jun 16, 2006.

Thread Status:
Not open for further replies.
  1. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Last night I was conducting an internet search(about a rather non-risky subject) and my McAfee anti-virus program alerted me that it had found a virus. Well, the alert informed me that McAfee couldn't clean the virus and therefore, it was going to delete the file that the virus was in. However, a few minutes later, I got another McAfee alert which said:

    From there, I decided to run online Symantec(Norton) and Trend Micro virus scans to see if they could help, however, they didn't detect the virus. Therefore, my computer still contains the virus that McAfee alerted me about, however, I'm not quite sure what I need to do get rid of it. Any help would be appreciated.
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Since the file is located in you Temporary Internet Files folders, I'd probably just boot to safe mode and clean those folders out (Start>Control Panel>Internet Options>General>Delete Files (under Temporary Internet Files section, delete all offline content) as a first shot.

    I assume you have a valid user account named Value Customer on that PC.

    Blue
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Since that's the location of IE's temporary internet files....you should be able to just clear your browser's cache to take care of that matter.

    Edit
    Yeah....what Blue said :cool:
     
  4. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Bubba, I thought about that, but I figured that if McAfee couldn't delete the file, then I was afraid that I couldn't get rid of it by clearing my browser's cache.
     
  5. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    That's the reason for booting to safe mode.

    Blue
     
  6. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    It sounds like you and Bubba are saying the same thing, but you're saying that I need to boot in safe mode. Don't think that I've ever successfully done that before, but I'll give it a whirl. Also, how does one get back to regular mode from safe mode?

    BTW, apparently, the repair shop that repaired my computer several months ago keyed in the user account name "Value Customer" after my computer crashed. I noticed the "Value Customer" name(instead of mine) after bringing my computer home from the repair shop. I didn't know if I needed to go in and add my name as the administrator since my computer seemed to be working fine the way it was.
     
  7. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Okay, I got it. Also, I don't mean to ask a stupid question, but is coming back to normal mode pretty self explanatory?
     
  8. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Just restart as normal without tapping F8 as the system comes up.

    Blue
     
  9. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Well, that was easy enough, but is there anyway that I can check for sure that the virus is gone?
     
  10. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Navigate to the folder indicated in your original post, is the file present?

    To do this - assuming you have a default configuration that hides the Local Settings folder - launch Windows Explorer. From the top menu bar, select Tools>Folder Options. Click the View tab on the dialog box that appears. Under the section titled Hidden Files and Folders, select Show hidden files and folders and click on OK.

    Blue
     
  11. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    I followed your instructions, Blue, but nothing happen. Also, I did want to mention that the "Show hidden files and folders" option was already selected or "ON."
     
  12. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    Shouldn't op turn off system restore. Make sure nasties gone. Than re-enable system restore.
     
  13. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    What do you mean nothing happened? I don't understand. The named file is either there or not. You're just looking, nothing should be "happening".

    Blue
     
  14. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    A demand system scan will show whether or not there is known malware embedded in the restore files. If they are infected, the steps mentioned can be taken at any time. Reinfection will not occur unless a restore operation is executed. The malware is latent unless that occurs.

    If the restore points are not infected, it's an unnecessary elimination of potentially useful restore points.

    Blue
     
  15. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Blue, you had said:

    Therefore, by following your instructions, I thought that would take me to the folder where the infected file was so that I could see wheter or not it was still present. However, when I selected the "Show hidden files and folders" option and clicked OK, that didn't take me to, or reveal to me the folder where the infected file is(was). Or apparently, I'm not understanding what you are saying.
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi, it will just make ur hidden folder etc visible, if u can,t do manual search. Afterr this put the name of ftle in windows search and search for it( enable options ' search subfolders' 'search hidden files and filders').

    BTW, u must run the virus scan again as well.
     
  17. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Hi, Aigle. Could you explain more about what you meant by 'it will make my hidden folder, etc., visible'? Also, I did go ahead and put the name of the file in Windows Search and searched for it, but it didn't find anything. And as far as running my virus scan again, I've already ran that several times already, but nothing showed up.
     
  18. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    If the search is turning up nothing, it's probably gone (it should be).

    Aigle is correct. The first part of the instructions sets the view that allows you to see normally hidden folders and files. The Local Settings folder is an example of that. Without setting Explorer to see that folder, it will not appear in your view. After that, it is a manual navigation to the appropriate location. I think I confused you by placing this instruction first, then describing the steps to make hidden folders such as Local Settings visible. Can you see Local Settings and navigate down to the desired folder/file?

    Blue
     
  19. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    Windows HIDES files. Once you follow these instructions. No files will be hidden.

    Hide - To put or keep out of sight; secrete.
    Visible - Capable of being seen.

    To do this - assuming you have a default configuration that hides the Local Settings folder - launch Windows Explorer. From the top menu bar, select Tools>Folder Options. Click the View tab on the dialog box that appears. Under the section titled Hidden Files and Folders, select Show hidden files and folders and click on OK.
     
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi! I think just do a scan with Kaspersky online scanner and if it is clear, U are Ok. No need to worry anymore.
     
  21. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Okay, aigle, I'll try the Kaspersky scan, but I have one more question. When I selected "Show hidden files and folders" and clicked on OK, were those files suppose to have popped up, or was I suppose to have opened something so that I could view them?
     
  22. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    RCGuy,

    The hidden files/folders will appear to within the view and level the current screen is showing once the setting is applied. This is readily seen by navigating to a view that contains a known typically hidden folder (say Local Settings) and toggling/applying the Show/Do not Show option setting.

    Blue
     
  23. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Blue, I still wasn't sure what you meant by "Local Settings," therefore, I did a search on it and found this thread:

    http://www.cybertechhelp.com/forums/showthread.php?t=50432

    But it sounds like they're saying the same thing that you were saying, therefore, apparently, something doesn't seem to be working right with my computer because nothing appeared within my view when I clicked OK.
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    go to Drive C>>documents anmd settings and navigate here, and u will see some folders greyed out a bit( these were hidden before and became visible when u changed the settings as above-- and BTW now u should just revert back these settings and it should be OK).
     
  25. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    Okay, just did that. Also, when you said "greyed out," if you meant faded out, then after I clicked on the "Documents and Settings" folder, I clicked on a faded yellow folder called "Default User." From there, I clicked on a faded yellow folder that said "Local Settings." And then from there, I saw a regular yellow folder that said "Temporary Internet Files," clicked on that and from there, saw only another regular yellow folder called "Content.IE5" And after clicking on that, I saw a white icon that said index DAT file 32 KB. I clicked on the DAT file icon and a "Caution" dialogue box appeared warning me that 'Editing or modifying these files could damage my system.' From there, I stopped.

    So, does it sound like I went in the right direction? :eek: ;)
     
Loading...
Thread Status:
Not open for further replies.