Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bad virus- what next? [Moved]


  • Please log in to reply
4 replies to this topic

#1 alfie_dub

alfie_dub

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 01 August 2009 - 05:28 PM

Hi everyone,

I got infected 2 days ago with win32 vitro and have been trying to resolve it with no success. I cannot log onto windows, even in safe mode, it's stuck in a login loop where if i put my username and password in, it returns me to the same login screen.

I've tried running Dr Web live cd and it picked up about 100 files, although none of them infected with vitro, (i remember seeing it come up on my anti virus when i first contracted it though, so it's in there somewhere) most of them were trojan.packed.140 or virut. I deleted/cured the infected files but still no luck.

i've now tried doing a Windows rebuild with an XP setup disk (following these instructions: http://www.informationweek.com/1094/langa.htm)

I press any key to load from disk, and get the blue screen saying 'Setup is loading files' and then 'setup is starting windows'. The next screen I get says 'A problem has been detected and windows has been shut down to prevent damage to your computer.....check for viruses on your computer.....run chkdsk/f to check for hard drive corruption'......etc etc

I have no input before this screen comes up, there's nothing I can do but turn it off after this message displays. Does this mean that I won't even be able to format it, or is there a way around this?



Also- I have my documents I want to recover on an extra hard drive installed in my machine. I can remove this, and connect it to a working PC or a caddy to recover my files, but how can I check that this hard drive hasn't been corrupted before I connect it to a clean PC, I don't want to spread this thing any further! If i can do this i'm happy to kiss goodbye to my PC, it was old anyway and i'm getting a new one soon.

Any help welcome. cheers!

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,009 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:07 AM

Posted 01 August 2009 - 07:12 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:04:07 AM

Posted 01 August 2009 - 09:17 PM

most of them were trojan.packed.140 or virut.


Virut is the worst of the worst. Let's verify that is what you have. Please post the Dr,Web log, or rerun and post a new log. Do not transfer any files from your computer or send any emails.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith


#4 alfie_dub

alfie_dub
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 02 August 2009 - 06:44 AM

Thanks for the replies. To create a log, do I need to run a complete scan with Dr Web? Can I use a pen drive to save to scan results to, as I need to use another computer to post them online?

#5 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:04:07 AM

Posted 02 August 2009 - 04:40 PM

No... if you cannot post using the infected computer, please just check for infections named Virut. If you can list a few of the examples found, that would help alot.

Do not expose the clean computer to any files of the infected one.

Edited by rigel, 02 August 2009 - 04:41 PM.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users