unable to delete infected files in shared folder

Discussion in 'malware problems & news' started by molawob, Jun 29, 2004.

Thread Status:
Not open for further replies.
  1. molawob

    molawob Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    3
    complete novice to this so apologies first!!!
    my system appears to be riddled with worms and trojans at present. Located the majority of them but unable to delete those in the 'shared folders'.....any ideas?
     
    Last edited: Jun 29, 2004
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    welcome, molawob ;).

    Let's start with the usual: what is your Operating System? You obviously have one or more softwares installed detecting those nasties. Please inform us about those. Finally: which worms an trojans have been detected (by name)?

    regards.

    paul
     
  3. molawob

    molawob Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    3
    Hi Paul,
    Thanks for your speedy reply and lack of jargon ;) !
    Windows XP Home Ed.
    In desperation I am running a number of anti-virus programs. To date:
    AVG v.6
    TDS3
    Panda Titanium v.7 (subscritption ends in 2 days)
    Adaware v.6
    I also have the option of Norton via my university network!

    Existing problems are:
    worm/agobot 14.BQ
    worm/agobot 14.AE
    worm/agobot 23.BQ
    worm/agobot 23.BU
    trojan backdoor.gobot.M
    and until today I had a recurrent messeage on start-up : system32\bridge.dll which after following some advice I seem to have removed.

    My system is running very slowly.....desperate to not let it grind to a halt!
    Thanks for our help,
    Jo
     
    Last edited: Jun 29, 2004
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Jo,

    Well, that's a start ;). Looking upon the named problems, TDS should have taken care of (fairly) all of them at first sight - did you update the database ("radius") before performing a full system scan? If not: please do so and perform another full system scan once more, and post the results.

    Premature - but nevertheless: in case we grind to a halt on this, follow these instructions. That said: first things first. Awaiting your reply ;)

    regards.

    paul
     
  5. molawob

    molawob Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    3
    thanks paul - did that - took a while!

    here are the results - hope this is what you needed.

    Scan Control Dumped @ 23:04:00 29-06-04
    Suspicious Filename: Dual extensions
    File: c:\documents and settings\jo girling\desktop\document scrap 'somebody i want...'.shs

    Positive identification <Adv>: Suspicious: Microsoft-tagged exe built with Borland compiler
    File: c:\documents and settings\jo girling\local settings\temp\installer2.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\jo girling\my documents\unused desktop shortcuts\pack1_1.5.7.exe

    Positive identification <Adv>: Suspicious: Microsoft-tagged exe built with Borland compiler
    File: c:\windows\unstsa2.exe
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Jo,

    Please zip the files in question and submit them to submit@diamondcs.com.au for investigation - and ask for a reply, which can be posted in this thread.

    Furthermore, follow the link as mentioned in reply #4 and post your log file over there for examination as well.

    regards.

    paul
     
Loading...
Thread Status:
Not open for further replies.