Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi! Hope someone here can help me. I am trying to get rid of the bugbear virus on my mom's computer. I just installed Norton Antivirus 2004. I downloaded the removal tool at the Symantec site and ran it but it didn't find the virus but when I run the virus scan it finds 4 infected files. I have tried this several times with no luck. I followed the instructions for manual removal but after getting where it instructed me to go, what it told me to delete was not there.
Any help anyone could offer would be greatly appreciated. (Please make instructions exact. I am fairly new at this but am good at following specific instructions :o))
just me, If the location of the infected files is in the volume information/Restore files you must turn off System Restore then restart your computer, then run another virus scan which should come up clean. If it comes up clean turn System Restore back on again. AV Programs cannot remove viruses/virus infected files from the System Restore because these files are Windows protected. Turning off System Restore then restarting your computer will purge all of the System Restore files.
How to turn off or turn on the Windows XP System Restore
Tufenuf
0 
I'm almost positive I ran the virus scan with the System Restore turned off. I think that is what Norton had instructed to do. I also ran the scan in safe mode.
Maybe this info will help. When I look at activity log then virus alerts in Norton this is what it says for the 4 files found:
1. Source:
C\windows\start menu\programs\disabled startup items\cuq.exeDescription:
The compressed file cuq.exe within C:\windows\start menu\programs\disabled startup items\cuq.exe within C:\undo\backup.cab is infected with the W32.Bugbear@mm virus2. Source: (same as #1)
Description: The compressed file cuq.exe within C:\undo\backup.cab is infected with the W32.Bugbear@mm virus
3. Source:
C:\windows\start menu\programs\startup\cuq.exeDescription: The compressed file cuq.exe within C:\windows\start menu\programs\startup\cuq.exe within C:\undo\backup.cab is infected with the W32.Bugbear@mm virus
4. Source (same as #3)
Description: The compressed file cuq.exe within C:\undo\backup.cab is infected with the W32.Bugbear@mm virus
The original scan I did also found the PWS.Hooker.Trojan virus but it was automatically deleted by Norton.
Thanks to anyone who could offer some help with this. (Thanks to Tufenuf for answering original post)
0
just me, You may want to go to the link below, read the instructions, then download and run the "W32.Bugbear@mm Removal Tool".
The "Stinger v2.0.4" Removal Tool also should rid your computer of that virus and is Free at the link below.
Tufenuf
0 0
I downloaded the "Stinger v2.0.4" Removal Tool and ran it twice. It found the virus but doesn't seem to have deleted or fixed it. Is that correct? (both results posted below) If so, where do I go from here to get rid of this frustrating thing!?
Thanks in advance to anyone offering help.
A.
McAfee AVERT Stinger Version 2.0.4 built on Feb 25 2004
Copyright (C) 2004 Networks Associates Technology, Inc. All Rights Reserved.
Virus data file v1000 created on Feb 25 2004.
Ready to scan for 40 viruses, trojans and variants.
Scan initiated on Fri Feb 27 12:04:06 2004
C:\undo\backup.cab\cuq.exe
Found the W32/Bugbear@MM virus !!!
C:\undo\backup.cab\cuq.exe
Found the W32/Bugbear@MM virus !!!
Number of clean files: 55686
Number of infected files: 2
Scan initiated on Fri Feb 27 12:45:17 2004
C:\undo\backup.cab\cuq.exe
Found the W32/Bugbear@MM virus !!!
C:\undo\backup.cab\cuq.exe
Found the W32/Bugbear@MM virus !!!
Number of clean files: 80169
Number of infected files: 2
0
justme, Try Start/Search/All files and folders and type in cuq.exe then click the Search button. If the cuq.exe file(s) show up when the search is complete right click them and choose delete and leave them in the Recycle Bin then run another virus scan and see if it comes up clean. Those files may have been removed by your AV Program as they are showing up as "C:\undo\backup.cab\cuq.exe" and if they are they aren't hurting anything but I'd still delete them.
Tufenuf
Tufenuf
0
Tufenuf,
I ran the search but no cuq.exe file was found so there was nothing to delete. Should I just leave things like they are or is there something else I should try?
Thanks a bunch for all your help!!
0
just me, I don't have Norton AV 2004 but open your Norton AV Program and look under "Reports" and see if those files are either in "Quarantine" or "Backups". This is where they're located on my Norton AV 2003. If you find them there you can right click them and delete them. If you can't find them this way I wouldn't worry about them.
Tufenuf
0
I checked in Norton and it was located in the "backup items" so I deleted them. What is the backup items file folder or what does it do? Is it somewhat like the quarentine?
Thanks again for all your help Tufenuf. I really appreciate it. These kind of things can be sooooo frustrating to someone who doesn't know how to fix them.
0
just me, According to the Norton Help Guide when you open Norton and click Help/Norton AV Help under Contents/About Norton Quarantine it states the following:
Backup Items:
Norton AntiVirus is preset to make a backup copy of a file before attempting a repair. After the repaired file is verified, you can delete the infected backup copy from the Quarantine.Hope This Helps,
Tufenuf
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
