Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection From Zip File Named 'flv To Avi Converter'


  • Please log in to reply
7 replies to this topic

#1 breakankles

breakankles

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 20 May 2008 - 09:05 AM

I downloaded and unzipped a file claiming to be flv to avi converter. The unzipped file includes an exe file & I believe 4 notepad files. When I tried to run the exe file to install what I believed was a video converter, nothing happened. Once my pc went through that process and there were no longer any tasks or processes being run, I tried to open my firefox browser and a error dialogue box popped up saying the program could not be accessed or that I was not authorized to access it. I can't remember the exact wording and as I am not at that pc, I am not able to go through the actions right now. Anytime I tried to run any program or access anything under the control panel (ie, add/remove programs) or help/support to try to do a system restore, I was blocked. I'm also unable to shutdown the computer properly. The only way to turn it off is to press the power button & interrupt the pc.

This file was download while trying to download the movie Iron Man in flv format at a streaming movie website. I think the website may be omegatube.com or themoviedownloads.org. I cannot access my browsing history since I the infection prevents me from opening anything so I am not sure where I got the file.

The only thing I did try was running the pc in the last good config, which did nothing.

When I get home, I will try to access the properties for the file b/c I think there was a name or some sort of other information that may help me trackdown the file's origin. I update the thread if I find anything.

Thanks in advance for any help.

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:41 PM

Posted 20 May 2008 - 12:50 PM

I doubt that a system restore would fix the infection, but if you go to safe mode command prompt
and type

%systemroot%\system32\restore\rstrui.exe

that should give you access to system rstore
Chewy

No. Try not. Do... or do not. There is no try.

#3 breakankles

breakankles
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 20 May 2008 - 02:44 PM

I doubt that a system restore would fix the infection, but if you go to safe mode command prompt
and type

%systemroot%\system32\restore\rstrui.exe

that should give you access to system rstore


Thanks DaChew

I was only considering system restore b/c I thought I might remove the infection/virus.
I'm going out of the country on Sun and there are many things I need to do on my comp before I go so I'm starting to panic.

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:41 PM

Posted 20 May 2008 - 04:57 PM

I'm going out of the country on Sun


I think I would reload, that way you can control the time frame better
Chewy

No. Try not. Do... or do not. There is no try.

#5 breakankles

breakankles
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 20 May 2008 - 09:02 PM

I'm going out of the country on Sun


I think I would reload, that way you can control the time frame better


Sorry if I sound dumb, but I don't understand what you mean by reload.

#6 breakankles

breakankles
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 22 May 2008 - 10:24 AM

DaChew- I followed your instructions on how to access system restore through the safe mode & that worked.
Thanks so much. I did notice that the notepad files included in the zipped file were still there when I restored to before I downloaded that file.
Is there any way to see if this thing still has its tentacles in my cpu and is still possibly causing harm?

#7 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:41 PM

Posted 22 May 2008 - 10:44 AM

http://www.bleepingcomputer.com/forums/ind...mp;#entry811062

run this as soon as possible and post the log

system restore just fixes part of windows not remove an infection

and try to stay away from illegal pirating sites or you'll never get your computer clean

watch iron man trailers or go to the theater

Edited by DaChew, 22 May 2008 - 10:45 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#8 breakankles

breakankles
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 23 May 2008 - 11:30 AM

http://www.bleepingcomputer.com/forums/ind...mp;#entry811062

run this as soon as possible and post the log

system restore just fixes part of windows not remove an infection

and try to stay away from illegal pirating sites or you'll never get your computer clean

watch iron man trailers or go to the theater


Yeah Yeah. I know about the movies. :thumbsup: I will do this today and post this evening.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users