trawled
Mon Oct 11 05:53:57 CDT 2004
"steve" <anonymous@discussions.microsoft.com> wrote in message news:<3bcc01c4af4c$30ad8530$a601280a@phx.gbl>...
> I have trenmicro officescan, and it is picking up a virus
> it calls TROJ_KILFILES.FZ running at startup on a windows
> ME computer. I cannot seem to remove the file or get any
> info on it. Any ideas?
The description below comes from Trend's own virus encylopedia, though
nothing could be found searching for "KILFILES", "killfiles",
"TROJ_KILFILES" "TROJ_KILFILES.FZ" in neither Trend nor Symantec. This
came up from Google.
The ".FZ" variant, with one L, is only listed in "What's New" for
Trend's virus definition files.
Symantec describe a "Diskfill-C" only.
Have you tried stopping any mystery processes in the Task Manager?
Try the search for "North Korea death"
TROJ_KILLFILES.U
Virus type: Trojan
Destructive: No
Aliases: Diskfill-F, Trojan:Win32/KillFiles.U
Pattern file needed: 1.484.00
Scan engine needed: 6.500
Overall risk rating: Very Low
Reported infections: Low
Damage Potential: Medium
Distribution Potential: Low
Description:
This Trojan floods the current hard disk drive with large files until
system resources run out. This payload can result in the hard disk
crashing, the system halting, and can leave Windows unable to start.
This Trojan affects systems running Windows 95, 98, ME, NT, 2000, and
XP.
Solution:
Identifying the Malware Program
Before proceeding to remove this malware, first identify the malware
program.
Scan your system with Trend Micro antivirus and NOTE all files
detected as TROJ_KILLFILES.U. To do this, Trend Micro customers must
download the latest pattern file and scan their system. Other Internet
users can use HouseCall, Trend Micro's free online virus scanner.
Terminating the Malware Program
This procedure terminates the running malware process from memory. You
will need the name(s) of the file(s) detected earlier.
1. Open Windows Task Manager.
On Windows 9x/ME systems, press
CTRL+ALT+DELETE
On Windows NT/2000/XP systems, press
CTRL+SHIFT+ESC, and click the Processes tab.
2. In the list of running programs*, locate the malware file or
files detected earlier.
3. Select one of the detected files, then press either the End Task
or the End Process button, depending on the version of Windows on your
system.
4. Do the same for all detected malware files in the list of
running processes.
5. To check if the malware process has been terminated, close Task
Manager, and then open it again.
6. Close Task Manager.
Deleting Malware Files
1. Right-click Start then click Search? or Find? depending on your
version of Windows.
2. In the Named input box, type:
North Korea death
3. In the Look In drop-down list, select all local drives, and then
press Enter.
4. Delete all files found with file names containing the search
string.
Additional Windows ME/XP Cleaning Instructions
Running Trend Micro Antivirus
Scan your system with Trend Micro antivirus and delete all files
detected as TROJ_KILLFILES.U. To do this, Trend Micro customers must
download the latest pattern file and scan their system. Other Internet
users can use HouseCall, Trend Micro's free online virus scanner.
Trend Micro offers best-of-breed antivirus and content-security
solutions for your corporate network, small and medium business or
home PC.