[Resolved] "VIRUS FOUND!" message on my PC.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

criminalist

Thread Starter
Joined
Aug 26, 2003
Messages
10
I got this lame warning on my computer today and I thought I'd post it here in hopes for some wisdom in rectifying the issue.

It is a small window that reads the following:

"Virus Found!

Warning! Trend PC-cillin has detected a virus. Please run a complete scan of all files to be sure that the virus has not spread.

Real-time Scan

Infected file: A:\Virtuagirl_brianabanks_full.exe

Virus name: BKDR_DELF.BZ

User name: Jenny

Action Unable to clean. Infected file was quarantined."


My only problem with this is that I know of no such file on my computer. I did a PC-cillin scan and the search came up empty. I even tried to do a system search to locate this supposed file and I came up empty handed. The thing that really gets me is the A:\. That is my floppy drive and the disk in there at the time of the message is a disk I use for school work.

If there really is a file of Briana Banks, I want to know about it. All kidding aside, I'm not excited about seeing this message because I have no clue what may have happened to my system especially if the afformentioned message is true. Thanks in advance.
 
Joined
Feb 8, 2003
Messages
143
Hi, You should have posted this on the security forum however this is a backdoor program. Visit trendmicro.com, click on the
security information tab, type the name of the virus in the box and click the arrow next to it. You'll find all the info you need and
what to do about it there. It sounds like the virus only exists on the floppy disk so you may be lucky. Right click the PcCillin icon
on the system tray and click on start up pccillin>Standard tab>Quarantine. If the file exists on your computer it will be listed there. Read the removal instructions on the Trend Micro website first, but it should be ok to just delete it. Hope this helps.:)
 
Joined
Aug 10, 2003
Messages
401
Here's the info on the virus.

http://www.trendmicro.com/vinfo/virusencyclo/default2.asp?m=q&virus=BKDR_DELF.BZ&alt=DELF.BZ
This backdoor program compromises network security by allowing a remote malicious user to access an infected system and monitor the following:

messengers
Windows activities
Web sites visited
keystrokes
It saves these information in different log files and may send them to the remote malicious user.

Solution:
Terminating the Malware Program

This procedure terminates the running malware process from memory. You will need the name(s) of the file(s) detected earlier.

Open Windows Task Manager.
On Windows 9x/ME systems, press
CTRL+ALT+DELETE
On Windows NT/2000/XP systems, press
CTRL+SHIFT+ESC, and click the Processes tab.
In the list of running programs*, locate the malware file or files detected earlier.
Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your system.
Do the same for all detected malware files in the list of running processes.
To check if the malware process has been terminated, close Task Manager, and then open it again.
Close Task Manager.
*NOTE: On systems running Windows 9x/ME, Task Manager may not show certain processes. You may use a third party process viewer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions.

Removing Autostart Entries from the Registry

Removing autostart entries from registry prevents the malware from executing during startup. You will need the name(s) of the file(s) detected earlier.

Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries whose data value (in the rightmost column) is the malware file(s) detected earlier.
Close Registry Editor.
NOTE: If you were not able to terminate the malware process from memory as described in the previous procedure, restart your system.
Locating and Deleting Log Files

On Windows 9x/NT


Click Start>Find>Files and Folders.
In the Named input box, type:
SHELLDATA
In the Look In drop-down list, select the drive which contains Windows, then press Enter.
Once located, delete the folder.
On Windows 2000/ME/XP

Click Start>Search>For Files and Folders.
In the Search for files and folders named input box, type:
SHELLDATA
In the Look In drop-down list, select the drive which contains Windows, then press Enter.
Once located, delete the folder.
Running Trend Micro Antivirus

Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DELF.BZ and TROJ_JUSTIN.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.

Trend Micro offers best-of-breed antivirus and content-security solutions for your corporate network or home PC.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top