
BACKDOOR VIRUS ATTACK



#1 acloud129


Posted 14 October 2011 - 11:38 AM

Hi, a few weeks ago I started getting these messages: "the application or dll c:\program blah blah blah is not a valid windows image. please check this against your installation disk".

I attach a photo of it for your reference.

Yesterday, I had trojan attacks which disabled my internet and System Restore.

I did several scans to remove infected files using AVG, Kaspersky, Spybot and bull dog etc., both in safe mode and normal.

Whilst the majority were removed, some would not go.

I rang Dell. They advised me to do a fresh install of XP.

I did this WITHOUT formatting, as I didn't have backups and didn't want to lose everything.

The internet started again, but I haven't checked System Restore.

Anyway, my problem is this: (1) these damn messages above keep reappearing.

(2) The PC has become very slow, even though I'm a clean freak and regularly clean and defrag.

(3) The viruses get deleted on boot up after a scan, but then reappear again after a while.

I'm pretty certain I still have infected malicious files that pretend to be friendly.

Any help you can give me as a matter of urgency would be gratefully appreciated.

Regards, ayub.



#2 boopme


Posted 14 October 2011 - 11:55 AM

Something to consider first. If one or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.



Reformatting a hard disk deletes all data. If you decide to reformat, you can back up all your important documents, data files and photos. The safest practice is not to back up any autorun.ini or .exe files because they may be infected. Some types of malware may disguise themselves by adding and hiding their extension to the existing extension of files, so be sure you take a close look at the full name. After reformatting, as a precaution, make sure you scan these files with your anti-virus prior to copying them back to your hard drive.

2 guidelines/rules when backing up

1) Back up all your important data files, pictures, music, work etc... and save them onto an external hard drive. These files usually include .doc, .txt, .mp3, .jpg etc...
2) Do not back up any executable files or any Windows files. These include .exe/.scr/.htm/.html/.xml/.zip/.rar files as they may contain traces of malware. Also, .html or .htm files that are webpages should also be avoided.

Download Belarc Advisor - builds a detailed profile of your installed software and hardware, including Microsoft Hotfixes, and displays the results in your Web browser.
Run it and then print out the results, they may be handy.


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
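The backup rules in the reply above, written as a triage script. This is an added example, not part of the original thread: the function names and sample paths are constructed, and `autorun.inf` is added alongside the `autorun.ini` named in the post as an assumption.

```python
import os
from pathlib import PureWindowsPath

# Extensions and file names the reply says not to back up.
SKIP_EXT = {".exe", ".scr", ".htm", ".html", ".xml", ".zip", ".rar"}
SKIP_NAMES = {"autorun.ini", "autorun.inf"}  # autorun.inf is an addition here
# Executable types checked for the hidden-extension disguise.
EXEC_EXT = {".exe", ".scr"}
# Data types the reply lists as typical backup material.
DATA_EXT = {".doc", ".txt", ".mp3", ".jpg"}


def classify(path):
    """Return 'suspicious', 'skip' or 'backup' for one Windows file path."""
    name = PureWindowsPath(path).name.lower()
    parts = [p.strip() for p in name.split(".")]
    last = "." + parts[-1] if len(parts) > 1 else ""
    prev = "." + parts[-2] if len(parts) > 2 else ""
    # A data extension followed by an executable one (holiday.jpg.exe),
    # optionally padded with spaces, is the disguise the reply warns about.
    if last in EXEC_EXT and prev in DATA_EXT:
        return "suspicious"
    if name in SKIP_NAMES or last in SKIP_EXT:
        return "skip"
    return "backup"  # still scan with anti-virus before copying back


def triage(paths):
    """Group paths by classification."""
    groups = {"backup": [], "skip": [], "suspicious": []}
    for path in paths:
        groups[classify(path)].append(path)
    return groups


def walk(root):
    """Yield every file path under root, for use on a real folder."""
    for folder, _dirs, files in os.walk(root):
        for f in files:
            yield os.path.join(folder, f)


# Constructed sample names, not taken from the thread.
SAMPLE = [r"C:\Docs\letter.doc", r"C:\Docs\holiday.jpg.exe",
          r"C:\Docs\song.mp3      .scr", r"C:\Tools\setup.exe",
          r"D:\AUTORUN.INI", r"C:\Site\index.html", r"C:\Docs\notes.txt"]

if __name__ == "__main__":
    for group, items in triage(SAMPLE).items():
        print(group, items)
```

On a real machine, pass `walk(r"C:\Documents and Settings")` (or whichever folder is being backed up) to `triage` instead of `SAMPLE`.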

#3 acloud129


Posted 18 October 2011 - 05:50 PM

Hi, I'm not sure if you got my message, this is twice it has happened this way. I wrote to let you know that I took your advice and formatted my PC to be on the safe side. I'm concerned that messages I'm posting are not coming up on the thread, or is it me? Am I doing something wrong?? Cheers anyway for your help and advice. God Bless! And keep up the good work. :clapping:

#4 boopme


Posted 18 October 2011 - 09:02 PM

Hello, thanks for letting me know. I see you have posted 4 times in the forum. Twice here and twice in Intros. I do not see any more posts.