Brought to me this morning is an XP system which has a brand new, undetectable variant of either Virux or Virut.
I have restored the registry to 9/10/2009 (thank you ERUNT!), deleted several trojan (.SYS) files using a DOS boot CD, and scoured the system, even running AVG's Virut removal tool (V1.22+), and nothing is detected (period). But even in Safe Mode, running Sysinternals Autoruns, it starts to load, disappears, and the Autoruns.exe file is then corrupted. Even better, it has been set so I can't copy it to send out for analysis!
The owner of the system was initially attacked on 9/30/2009.









