bad situation

  • Thread starter: Andre

Andre

What do you do when you have a backdoor virus named "optixpro13" that
doesn't allow any executable files to work? I am able to download
fixes and virus healers but I can't get them to open once they're on my
desktop. All I get is the same message that says can't find file name
"mpldfg". That was the file I deleted yesterday when I discovered I
had a virus. It also said that another file named "siexec16.exe" was
also corrupt; I believe I put that one under quarantine. I wanted to
set the registry back to the time before the virus hit my computer but
that is also an executable file. I even tried safe mode to no success.
I'm stuck. Do I throw my computer out the window? I use Windows 98.
Could someone please help?

Andre
 
Andre said:
What do you do when you have a backdoor virus named "optixpro13" that
doesn't allow any executable files to work? I am able to download
fixes and virus healers but I can't get them to open once they're on my
desktop. All I get is the same message that says can't find file name
"mpldfg". That was the file I deleted yesterday when I discovered I
had a virus. It also said that another file named "siexec16.exe" was
also corrupt; I believe I put that one under quarantine. I wanted to
set the registry back to the time before the virus hit my computer but
that is also an executable file. I even tried safe mode to no success.
I'm stuck. Do I throw my computer out the window? I use Windows 98.
Could someone please help?

This points up the folly of trying to use antivirus scanners against
serious trojans.

Get http://download.nai.com/products/MCAFEE-AVERT/stand_alone/undo.reg
and run it on the computer.

If it won't import that way, then Start > Run - in the box, type:

regedit /s "[path to undo.reg]\undo.reg"

For instance if you have it on a floppy, type
regedit /s "a:\undo.reg"

This *should* do it, as it imports the file directly, thus not needing
to actually open regedit. Alternatively you can copy regedit.exe to
regedit.com and open that then import undo.reg. Let me know if you
need any more help with this.

Then get Trojan Remover from http://www.simplysup.com/tremover/
I wouldn't trust anything else against Optix Pro.

Carol
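
The symptom in this thread (every .exe failing with a "can't find" message naming a deleted file, while a copy of regedit renamed to .com is expected to run) is what a hijacked `exefile` open command looks like. The checker below is an added example, not part of the original posts and not McAfee's undo.reg: it scans a REGEDIT4 export for executable file classes whose open command is not the stock `"%1" %*`. The sample export is constructed, and placing `mpldfg.exe` in the open command is an assumption made for illustration.

```python
import re

# Stock Windows "open" command for these executable file classes.
STOCK_OPEN = '"%1" %*'
CLASSES = ("exefile", "comfile", "batfile", "piffile")

KEY_RE = re.compile(r"^\[HKEY_CLASSES_ROOT\\(\w+)\\shell\\open\\command\]$", re.I)
DEFAULT_VALUE_RE = re.compile(r'^@="(.*)"$')


def unescape(value):
    # .reg files escape backslashes and double quotes with a leading backslash.
    return re.sub(r"\\(.)", r"\1", value)


def hijacked_associations(reg_text):
    """Return {file class: command} where the open command is not stock."""
    findings, current = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            # A new key starts: track it only if it is an open command we watch.
            m = KEY_RE.match(line)
            name = m.group(1).lower() if m else None
            current = name if name in CLASSES else None
        elif current:
            # "@" is the key's default value, which holds the command line.
            m = DEFAULT_VALUE_RE.match(line)
            if m and unescape(m.group(1)) != STOCK_OPEN:
                findings[current] = unescape(m.group(1))
    return findings


# Constructed sample export in REGEDIT4 format (illustration only).
SAMPLE = r'''REGEDIT4

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="mpldfg.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"
'''

if __name__ == "__main__":
    for cls, cmd in hijacked_associations(SAMPLE).items():
        print(f"{cls}: open command is {cmd!r}, expected {STOCK_OPEN!r}")
```

In the sample only `exefile` is flagged; `comfile` still has the stock command, which is why a .com copy of a tool can still start.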
 
It's not just a bad situation - it's a *very* bad one.
I suggest: format c:, 'cause your system has been compromised!
 
Andre said:
What do you do when you have a backdoor virus named "optixpro13" that
doesn't allow any executable files to work.

That means that you caught it *after* it had already installed, and
that it was incompletely removed.

I am able to download
fixes and virus healers but I can't get them to open once they're on my
desktop? All I get is the same message that says can't find file name
"mpldfg". That was the file I deleted yesterday when I discovered I
had a virus.

How was it discovered, and what deleted (or suggested that you delete)
one of its files? It is not generally a good idea to do that because some
malware will trigger a payload in retaliation for poking it with a stick.

It also said...

Who or what is *it*?

...that another file named "siexec16.exe" was
also corrupt; I believe I put that one under quarantine...

Is this some AV program telling you to poke at malware with a stick?

...I wanted to
set the registry back to the time before the virus hit my computer but
that is also an executable file.

Sometimes a zero length file named accordingly can work.
Sometimes another program renamed accordingly can work.
...or you can edit the registry with regedit.com, or a .reg
registry patch (import) file.

I even tried safe mode to no success.

Tried DOS yet? (not a virtual DOS window)
Scanreg /restore
Pick an earlier version of the registry.

I'm stuck. Do I throw my computer out the window?

That depends where you live. ;o)
I could do that and nobody would even know.
(but it would scare the chickens...)

I use Windows 98.

Me too.

Could someone please help?

If you have any reason to suspect that anyone made use of
the malware to actually access your computer, you would
be best advised to reinstall from scratch.

I would do that anyway, it's not that hard to do.
 