I have two files on my computer infected with Bugbearb and I was wondering if anyone can help me remove them. I've tried a few things and I'll outline the chronology of what I've done below:

1. On 8/17, I downloaded from the Symantec site the 2005 version of their Norton virus protection.
-I updated the virus definitions (and everything else).
-I ran a full system scan and it found nothing wrong.

2. On 8/18, Norton updated the virus definitions again.

3. I noticed that Norton was updating every day and didn't think much of it, figuring that new viruses appear every day.

4. On 8/29, just on a whim, I opened Norton to check my status screen and it showed 8/18 as the last time the virus definitions were updated. I ran a live update (a couple of times) and was unable to update the virus definitions. Everything else updated fine.

5. I called my ISP and they recommended Panda and AVG Free.

6. I downloaded AVG Free, but before installing it, I tried to do a system scan at Panda. It "stopped responding" about a third of the way through. It had found 13 viruses, but had not done anything about them.

7. I installed AVG Free, updated all the definitions, etc., and ran a system scan. It found 13 viruses and the instructions indicated that I needed to restart my computer for the fix to take effect. I did this and then did a system scan and all 13 viruses were still there.

8. I called my ISP and they directed me to the Symantec site to get the tools to remove the four types of viruses on the computer. In my reading, I saw that Symantec instructed to disable the Restore function on my computer. I did that and rebooted. The Restore function is shut off/disabled.

9. I downloaded the four Symantec tools, but before running them all, I ran AVG Free again. This time, after the scan and the reboot, 11 of the viruses were gone (three types) and all that remained were the two files infected with Bugbear.

10. Symantec had two Bugbear tools. One just has Bugbear in the name and the other has Bugbearb in the name. Since my AVG Free screen indicated only Bugbear, I ran that tool first. The tool ran and indicated it could not find Bugbear on my computer.

11. I ran the Bugbearb tool and it indicated that it could not remove the virus and to start my computer in safe mode and run the tool again.

12. I started my computer in safe mode and ran the tool again. I got the exact same message - it could not remove the virus from my computer. I don't know if this is relevant, but even though I was in safe mode, the message directed me to restart my computer in safe mode and try again.

13. I called my ISP and at this point all they can recommend is taking it in to "John at Radio Shack" (small town) and have him repair it.

Anyway, if you've read through all that, please accept my sincere thanks.

Can anyone recommend any other tools before I have to be without my computer and spend money to have this done?

Thank you in advance for any help.

Sincerely,
Sadie

Sadie - do you know which two files are infected? It may be possible for you to boot up in DOS mode and delete the files yourself. :)

Sadie, what a major pain.

You did the right thing by first turning off your System Restore. Make sure it's still off -- this thing restores itself from the backup files.

Then go to http://www.eset.com/home/home.htm and download their removal tool.

Another thing you can try is to go to http://housecall.trendmicro.com/ using Internet Explorer (it won't run on Firefox) and do a free online scan. At the end of the scan, it will offer you the option of cleaning up any viruses, adware, or trojans that it found.

Both of these are free.

Therp, if she's running WinXP, there is no DOS mode. (Safe mode, yes.) And the list of files infected by BugBearB is enormous.

http://www.eset.com/scriptless/msgs/bugbearb.htm

LOL Thank Katie - I'm still in the dark ages here with win98. :p

7. I installed AVG Free, updated all the definitions, etc., and ran a system scan. It found 13 viruses and the instructions indicated that I needed to restart my computer for the fix to take effect. I did this and then did a system scan and all 13 viruses were still there.


If you didn't empty the virus vault in AVG, another scan will show the virus as still being there.

Bugbear b removal tool from Symantec (Norton).


http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.removal.tool.html

And another one from McAfee:

http://vil.nai.com/vil/stinger/

Thank you all. :)

System Restore is still disabled. But thank you for letting me know I need to keep an eye on it. :)

Running WinME (aka known as: Reason #425 as to why I'll kick Bill Gates in the balls if I ever meet him.)

I'll try all the suggestions above.

Major pain indeed, Katie! But I guess I'm learning a lot.

In the meantime, if anyone needs to email me that emails me at my isp, for a few days, could you please email me at ladytrue_99@yahoo.com? Or PM me here or on ez or OTWA. I won't be retrieving email from my main address for a few days. Thanks.

Peace,
Sadie (who loves you guys)

Hmm ok folks, antiviruses will say the files of other anti virus are virus.

Dont be running a lot of the things at the same time.

Also run your addware removal stuff also.

Check into the malicous software remover at microsoft.

Tried three more programs from your suggestions above. Two found nothing. The third found the two files but couldn't repair them.

More work.

Peace.

If all else fails, and this might actually be cheaper than trying to hire someone to remove the doggone thing -- buy a new hard drive, install it and put Windows on it, then mount the sick drive in the secondary slot and copy over the files you need.

Reinstall all the programs from scratch. Run a virus scan on your mailbox before you import any of the mail on the old drive. That should give you a clean copy of Windows to work with.

Watch your sales or check on eBay -- I just got a Western Digital 160 GB drive for my son for $60. The diagnostics check at the local computer store runs $75 before they do anything to it at all.

http://server1.inlandnet.com/~jilittle/icon5.gif

I run Ad-Aware, Spybot, and Microsoft Anti-spyware on a regular schedule. I also use Spyware Blaster. It's not a cure-all, but life sure is a lot better now that I use them. Sadie, if you can update to Windows XP, life will be alot easier. Good luck!

got any idea how you ended up getting the virus?

No, George, but I just now saw that these two files have been on my computer for ages, which means Norton has been not finding it.

I'm going to not worry about it anymore. Or maybe I'll worry, but less.

Or maybe I'll have a major panic attack and worry endlessly. :p

But for now all I'm worried about is the chicken cacciatore that's making the house smell great.

Peace,
Sadie

You may have some luck with AVast. It's a free antivirus tool.