Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Virus Info.Pls Help! 1

Status
Not open for further replies.
livesfreely

livesfreely

Technical User
Joined
May 30, 2003
Messages
62
Location
IN
I have two viruses on my pc running win98. The names are:
1. Keylog-LfzMph
2. BackDoor-AMS

I use AVG virus scan which didn't detect them. Since, I knew the computer was infected somehow, I tried different antivirus programs. My last resort was the McAfee online Virus scan. That is the only one that found the viruses, but the free online scan doesn't remove these viruses. I searched the web and couldn't find any information on these viruses. I don't how to remove them. Can someone help me with this?
Virus #2 has an entry in win.ini and system.ini at the run and shell = C:/windows/winsys32.exe
I tried removing these entries, but it didn't work.
I also get a message when I start my pc. Message is(a dialog box)-
connect:WSocketResolveHost:cannot convert host address 'ns1.arpa.net',Error #11001
I don't have any other symptoms, currently.
I hope someone can help me with this. Thanks
 
Sort by date Sort by votes
I deleted above mentioned registry entries.I killed the process using process explorer. Deleted the file from windows folder and recycle bin and restarted. The registry entries didn't appear again. Then, I ran online virus scan again and that virus/trojan didn't show up again. But I still have the 'Keylog-lfzmph' Virus scan shows the file win_spool.dll in windows/system folder. I can't find any such file on my pc
 
Upvote 0 Downvote
Make sure to enable view on hidden files
and on system files.

Explorer -Tools -Folder options -view

Remove the checkmark on:
"hide protected operating system files"
"hide extensions for known filetypes"

Place a checkmark on:
"Display the contents of system folders"
"Show hidden files and folders"


Then do a search on the file
Select:
All files and folders
filename *spool*.exe

More advanced options
"Specify the searc to search in hidden files and folders"
"And system folders"
"And search subfolders"

Search
 
Upvote 0 Downvote
So...
did you find anything .
Whats the result.
 
Upvote 0 Downvote
yes I removed the file and registry entries. then ran the virus scan and it showed up clean.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dik
  • Locked
  • Question Question
Virus
Replies
15
Views
2K
dik
dik
TomSalvato
  • Locked
  • Question Question
Help with a DOS command that isn't working for me
Replies
7
Views
787
Professor Shadow
Professor Shadow
Keyboy
  • Locked
  • Question Question
Windows Media Player help
Replies
0
Views
292
Keyboy
Keyboy
gripsz
  • Locked
  • Question Question
Windows CE .NET 4.2 Help!
Replies
0
Views
279
gripsz
gripsz
NRGeti
  • Locked
  • Question Question
Help text from old software no longer works in Windows 10
Replies
2
Views
332
2ffat
2ffat

Part and Inventory Search

Sponsor

Back
Top