Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Infection (kinda Cleaned Up, But Still System Is Having Issues.)


  • Please log in to reply
2 replies to this topic

#1 Xypher

Xypher

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:50 AM

Posted 13 January 2008 - 10:40 PM

So after several attempts to scan for viruses/malware/spyware (HD, slaved, plugged into another computer and ran scan for viruses) and after installing fresh new (repaired) version of WinXP Pro I am still having trouble. I thought I cleaned everything out...

Had massive Win32/Virut infection in most all .EXE / .DLL files but managed to Quarantine/Repair all of them (supposedly.)

I can't update my computer (I get through the process of downloading updates but they fail to install - yes I have a valid version of WinXP Pro). Randomly get .tmp / .exe files still showing up in my C:\WINNT\TEMP folder showing as infected. I see no additional suspicious processes in memory, and I don't know how to finally clean this bugger out.

What do I need to do to finish this thing off?

BC AdBot (Login to Remove)

 


#2 Holdemchick

Holdemchick

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 14 January 2008 - 06:12 AM

Have you tried a system recovery for before the problem occurred? And what virus program are you using?

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,780 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:50 AM

Posted 14 January 2008 - 08:12 AM

You have a real nasty infection on your system. Virut/Virtob is a file infector virus with IRC bot functionality which infects all .exe and .scr files, downloads more malicious files to your system, and opens a back door that compromises your computer. In many cases the infected files cannot be deleted and anti-malware scanners cannot disinfect them properly. When disinfection is attempted, the files become corrupted and the system may become irreparable.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat and reinstall the OS. Please read "When should I re-format?" and "Reformatting the computer or troubleshooting; which is best?".

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach.

You can try the AVG Virut Remover. Follow the instructions exactly as specified and pay close attention to the instructions including the note on administrator rights. If that does not work, there may be no recovery from this infection. The only thing you can do then is reformat and reinstall Windows.

Virut/Virtob is contracted and spread by visiting remote, crack and keygen sites. Those who attempt to get software for free may end up with a computer system so badly damaged that recovery is not possible and a Repair Install will NOT help! Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over, reformatting the drive and performing a clean install removes everything.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users