• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

BackDoor.Katien.A

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
JFettig

JFettig

Hey! I showered! Senior
Joined
Jan 5, 2002
Location
MN
Hey, I have AVG antivirus and it keeps popping up a message that I have BackDoor.Katien.A and says to run it, I run it and it finds nothing, It doesnt even search in the folder it says it found it. It says D:\System Volume Information\.......
I just also tried pc cillin 2000 updated. found nothing.

I did a search, found one site with information, but nothing that would get rid of it.

Jon
 
Did you try Housecall ? it may find a trojan called TROJ_KATIEN.A.

However, because it's in your system volume you may not be able to remove it without disableing "System Restore".

If you have a HDD/system with WinME or 98 you could try to boot from that and try to delete it from there (Never tried this, but you won't be able to delete it if the system volume is in use, it'll say "access denied").

Hope that helped.
 
thanx KILLorBE, I will have to see what I can figure out then.

Jon
 
Ok, you told me win98 or ME, does it have to be that by any chance? the reason I ask is that win 98 or ME wont read NTFS and I already have a HDD with WinXP on it. Shoudl I just give that a shot?


Jon
 
I think that should be fine as well, but I'm not sure how XP handles other system files (IE: Files from another XP install) most likely the infected system volume won't be in use, thus allowing you (The AV app) to delete/remove the virus/trojan.

If that doesn't work the only way I know to get rid of it is by disabling system restore, but that also means you will lose all restore points....well it's still better than having a virus/trojan.

Good luck, and let us know how it went.
 
By disabling system restore, whats going to happen? basicly I loose the ability to restore windows or what? If so, thats fine, I have all my goodies on the D: and windows and install stuff on C:

Also, how do I do it? I havent checked yet, but if its something that I have to do some steps, let me know.

Jon
 
JFettig said:
By disabling system restore, whats going to happen? basicly I loose the ability to restore windows or what?
Click to expand...
Something like that, you loose the ability to restore XP to its previous (working) state, sometimes it comes in handy when you install a program that screws up your XP install and leaves you with a non working system, when that happens you can use the XP CD to load a restore point (previous working state), it'll undo all registry changes after the last restore point or a point that you or XP made, you can make restore points manually, or have it done by XP (Not sure when or how many restore points XP makes by default as I don't use it....It can take up quite a bit of HDD space...2GB orso is not uncommon).

JFettig said:
If so, thats fine, I have all my goodies on the D: and windows and install stuff on C:

Also, how do I do it? I havent checked yet, but if its something that I have to do some steps, let me know.

Jon
Click to expand...
If you don't really care I suggest you disable system restore, Remove also had a virus in his system volume, you can read more about that in this thread (**EDIT** Including a step by step howto).
 
Well, it didnt work. it pops up the messages about the virus being there, but it never can find it when I search, and I still cannot get into that folder


Jon
 
I am not seeing an online scanner there....
maybe Im just blind;)

Jon
 
I just had a look on my new drive, and XP made a new "System Volume Information" folder, so my guess is that even if you hook up a different drive with XP installed, it'll still use the same folder.

Did you try disabling system restore? usually that gets rid of most of the files.

But maybe you have a new virus :)eek: should I be talking to you?;) ).

You could try a few of these (Free online scanners):
HouseCall...as mentioned before.
BitDefender
Panda Active Scan
Kaspersky....NOTE: 1MB files max, but I do believe they have a trial version.
Virusscan.nl (McAfee)...Dutch and I'm not sure if they're still alive.
PC PitStop...I believe they use HouseCall (MicroTrend) not sure tho.

One of my all time fav's is QH (Quick Heal), they have a 30 day trial version. While it does put some files in each folder it does a great job (do a search for the extension when you're done, .qh orso and simply delete the files to get rid of them.....uhh I didn't mention that the files are still there after you uninstalled the program).
 
yeah, I tried the system restore thing, no go, Kendan, I found it like an hr later;)


Jon
 
I'm not sure if disabling System Restore takes out all the restore points too. If you disable it first (Start-->Run-->Services.msc-->System Restore service-->Properties-->Disable-->Reboot) then go to the Windows Disk Cleanup utility, you can find an option to delete all but the most recent restore point. That'll get rid of almost all of your restore files.
 
Did you run 'SpyBot Search and Destroy' or 'Ad-Aware'?

@ johan851 Thanks I didn't know that.

**EDIT** As most virii and trojans are European you might find some usefull info at EICAR (European Institute for Anti-Virus Research).
 
Last edited:
KillorBe, no I havent run those, but I did as johan851 said, I will have to see what happens.

Jon
 
You must log in or register to reply here.

Similar threads

BruceUSA
Synology NAS help Please
Replies
4
Views
109
=XAF=AfterShock
=XAF=AfterShock
petteyg359
Optical audio output that supports DTS encoding
Replies
1
Views
348
Evilsizer
Evilsizer
Niku-Sama
Firefox clippy sounding audio on twitch streams
Replies
3
Views
587
EarthDog
EarthDog
Q
Need help finding proper AC power cable
Replies
7
Views
255
quartertwelve
Q
Zuzzz
Bluetooth versions, (AVRCP) How does it effect your earbud experience???
Replies
0
Views
1K
Zuzzz
Zuzzz
Back