Win2000Pro. Viruses & Removal of Infected System Files.

[Ben B.]

Hello,

This regarding a friends's computer. AVGrisoft identifies
the following system files as being infected with
IRC/Backdoor Flood.

C:\winnt\system32\dllcache.exe and 3 others similar and 4
more with the BAT/Generic virus (also system32\dll.cache
etc).

My question is this.

If I delete these files will Win2000 replace them from cab
files on reboot?

Thanks.

 

[DL]

These aren't win2k sys files, they are just masquerading as such

 

[Guest]

Hi,OK they are masquerading.
AVG gives this:
C:\winnt\system32\DLLCACHE\DLLCACHE33\dllcache33.exe\TCP...
I wondered how or what I should search for in this.
I have tried DLLCACHE,
DLLCACHE\DLLCACHE33,DLLCACHE\DLLCACHE33\dllcache33.exe and
get nowhere. Any sugestions appreciated. Thanks.

 

[DL]

I'm not familiar with the workings of AVG, however doesnt it give the option
to delete infected files?
On the search issue are you searching to include 'hidden' files?
In any case you should be able to locate in explorer

 

[Ben B]

Hello DL,

AVG did give the option of Heal or Vault(quarantine) on
it's first run. However I have four infected files left
and since it cannot 'Heal' them and doesn't offer
the 'Vault' option, I am trying to locate them. I will use
Explorer as you suggest. Having never 'chased' viruses
before or used Explorer much and never having been on a
Win2K system I'm groping a bit on several levels.

Thanks for the input.

Ben.

-----Original Message-----

 

[DL]

If neccessary you can allways run an online scan from, eg www.symantec.com

 

[Ben B]

Hello,DL,

Before downloading the AVGrisoft I ran TrendMicro's on-
line scan and it found not one of 30 infected files next
found by AVG. I don't think that Symantec has an on-line
scan.

But I am grateful for the reminder about the hidden files,
are you including hidden operating files in that context?

Ben.

 

[DL]

Symantec on line scan accessed from main/home symantec page/Security
Response then 'Check For Security Risks' link opens new window, 'Go' link
then select whichever.
Hidden files are generally system files.
Depending how win2k has been configured when you Explore, My Computer and
scroll to System32 Folder the view pane may show a warning msg about system
files.

 

[Ben B]

Hello DL,
I ran Panda OnLine scan and it removed the viruses - as
checked out by AVG. I thank you for your help, DL, with
all my questions. Your contributions much appreciated.
All the best,
Ben.

 

[DL]

yr welcome

Hello DL,
I ran Panda OnLine scan and it removed the viruses - as
checked out by AVG. I thank you for your help, DL, with
all my questions. Your contributions much appreciated.
All the best,
Ben.