Solved

Exploit-MIME.gen virus infection clearing out.

Posted on 2002-04-24
6
216 Views
Last Modified: 2013-12-28
I was called to an SOS for a friend who has got a nasty Exploit-MIME.gen virus in his Windows 98.  Not sure what version of IE probably 5 or 5.5

The Norton Anti Virus didn't pick it up probably because he didn't have auto protect running though his email was protected, something had removed the Tick from Protect Outlook Express.   Norton also would not run properly and advised re installing.  I'm going to do that tomorrow.

I have disabled the Outlook from sending any SMTP server mail but left it allowing incoming mail.
 The server will keep filling up with new virus related rejects if I don't kill of temporarily his ability to send any mail at all.
He can do it on www.globalnet.com website for the time being until I sort out how to rid the system of this -

I've tried Symantec site and instructions to run a scan were there along with a patch from Microsoft which is worth downloading but does anything need cleaning out from Registry or other places? Is there a site I can go and get more detail on how to rid the system of this which came as scores of emails rejected by server and which were advising that email was being sent out from this person's computer attaching .exe to mail and to recipients he had never heard of? Nasty!
Laurie  
0
Comment
Question by:LauriePrior
  • 3
  • 3
6 Comments
 
LVL 17

Accepted Solution

by:
Wakeup earned 200 total points
Comment Utility
Laurie,

Not much that I can find on this guy, but Mcafee has this:
http://vil.nai.com/vil/content/v_99273.htm

Hope that will help..good luck.
Generally if the sites dont give you any info on cleaning registry or anywhere else, usually that should take care of the problem and wont need to regedit or anything.
0
 

Author Comment

by:LauriePrior
Comment Utility
Thanks I've tried the McAfee site and it seems to have file updates for people using McAfee so that's not much use. But I think I'll go get Regclean and Ad-aware. Clean the system out and scan and defrag, empty folders in Outlook and compress, empty caches and history and Windows Temp and C Temp folders and hope to have cleared it after going to get the patch from MS and doing another Norton Re install and scan the system.

As you say can't do much more.
Thanks
0
 
LVL 17

Expert Comment

by:Wakeup
Comment Utility
Laurie, wow...
thanks for the points, but you didnt have to close the question so early.  Some one else may have been able to give you an opinion or some more advice...
Just some advice for your next question you ask if you ever need to.  Hope you resolve the virus issue!

Good luck
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:LauriePrior
Comment Utility
Oh well I figured that if you could only find that small amount about it, then I probably have intuitively planned enough to clean it out myself.  You're welcome to the points.  I like to be sure and safe before I fiddle around with someone else's computer especially if they trust my knowledge and there is a percentage risk albeit low that I might mess it up for them.
I give myself frights when I re boot and find somoene's PC won't dial up and it's lost its modem through no known fault of mine.  Happy 200 points, I might need you to answer more tomorrow! Watch this space !
Laurie
0
 
LVL 17

Expert Comment

by:Wakeup
Comment Utility
Heheh...ok...I am watching!  So far nothing so I am guessing that you are running fine I hope?
0
 

Author Comment

by:LauriePrior
Comment Utility
Yes I went to the guy's computer and spent two one three-hour session and one two hours over two days.  I'm pleased to say he gave me more than 200 points for curing it, he offered me 60 UK Pounds! Nice one.  This is what I did.

I emptied C:\TEMP and C windows temp.  And emptied temporary internet files.  I downloaded REG CLEAN and it cleaned about a dozen files from the registry.

I downloaded Ad-aware and killed off about four items of spyware on the system.

Norton refused to re install - kept getting half-done and giving up.  Eventually I got help and someone told me to find the installation files on the Norton 2001 disk and try to run either of them from the disk.  It found a discrepancy in versions of the install files and mended the problem itself.  Then at last Norton installed.  I did a live update of Virus definitions then a full scan.  It found 9 infected files.  It dealt with them.  I also ran Klez removal from Norton's Site.  And one file that it re directed me to Microsoft's site to update Outlook Express and turn it into version 5.5 - That was a long download.

Finally I re booted for what seemed like the four hundred thousandth time and Ran Scan disk.  It was then I realised I was going to have to leave it overnight, the scan was going to take hours and hours.

Next day he used the computer after a re boot and at the end of the day left it de fragging.  I then returned and checked it out.  All seemed to be cured.  It was running full speed but just to be sure I ran Ad Aware again and nothing found to bin in the trash so job done mission accomplished.

The guy was most impressed and now wants tuition from me in other computer matters.  Well what a compliment!
thanks for your help.
Laurie
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

For a variety of reasons, it sometimes makes sense to reboot a Windows-based computer on a regular, perhaps daily basis. This "cures" a lot of ills by resetting processes, flushing caches, refreshing memory, and reestablish network connections. In a…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now