Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

is this possible?


  • Please log in to reply
17 replies to this topic

#1 sniper8752

sniper8752

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 10:13 AM

I was scanning an internal laptop hard drive, and found the pagefile.sys infected. is this just a false positive? i am using avast! to scan.


http://www.mediafire.com/imageview.php?quickkey=597wpewmrs69dbe

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 10:26 AM

Virut is a very serious infection because it's not curable.
What is drive "G"?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 10:35 AM

i plugged in a internal laptop hard drive via an adapter. how is it not "curable"? at worst, couldn't you just format it?

#4 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 10:36 AM

and would it hurt if i plugged it into my laptop to do a virus scan?

and would this help?: http://support.kaspersky.com/faq/?qid=208280756

Edited by sniper8752, 12 May 2012 - 10:37 AM.


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 10:39 AM

couldn't you just format it?

Yes, formatting is the only solution for Virut.

and would it hurt if i plugged it into my laptop to do a virus scan?

Possible.

To deal safely with any suspicious external device...
Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

I suggest you run full scan of your computer.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 01:10 PM

ok - i will format it then.

#7 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 01:13 PM

and why can't i vaccinate the usb drive?

http://www.mediafire.com/imageview.php?quickkey=f665ztz93osoc98&thumb=6

and why won't the kasperskey work?

Edited by sniper8752, 12 May 2012 - 01:14 PM.


#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 01:37 PM

why won't the kasperskey work?

??

why can't i vaccinate the usb drive?

For NTFS drives you have to set that kind of support during installation.
See here: http://research.pandasecurity.com/Panda-USB-Vaccine-with-NTFS-Support/
So you have to either reinstall it, or use BitDefender.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 06:35 PM

i meant this: http://support.kaspersky.com/faq/?qid=208280756

and why can't you just remove virut?

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 06:42 PM

You are infected with a polymorphic file infector (Virut). This infection can and will infect all the machine's executable files .exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.

Malware experts say that a Complete Reformat and Reinstall is the only way to clean the infection. This includes All Drives that contain following files:
*.exe
*.scr
*.htm
*.html
*.xml
*.zip
*.rar
*.doc
*.jpg
*.pdf

Backup all your documents and important items only.
DO NOT backup any files mentioned above.

I suggest you do the following immediately:

* Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
* From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
* DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

For more information on Virut, and why you need to reformat, have a read of miekiemoes blog here.

To find out how to carry out an XP Reformat and Reinstall, please see this page. If you are using Vista, then check this page instead.

Once you have reformatted and reinstalled Windows, have a look at this page for some useful tips on staying clean, along with links to some freeware to help.

To find out more information about how you may have got infected in the first place, you can read this article.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 06:45 PM

what would be the best way to wipe the drive clean? use dban on it?

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 06:46 PM

That should work.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 12 May 2012 - 06:51 PM

can i found out anyhow the ip address that is controlling it, or the program that was installed to infect the machine?

EDIT:
also, how can i prevent this next time? would malwarebytes help?

lastly, is there a specific scanenr that I can use to check for infection on my good computer?

Edited by sniper8752, 12 May 2012 - 07:05 PM.


#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:45 PM

Posted 12 May 2012 - 07:15 PM

can i found out anyhow the ip address that is controlling it, or the program that was installed to infect the machine?

Not possible.

how can i prevent this next time? would malwarebytes help?

Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

is there a specific scanenr that I can use to check for infection on my good computer?

Run full scan with your AV program.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 383 posts
  • OFFLINE
  •  
  • Local time:06:45 PM

Posted 13 May 2012 - 07:46 AM

How do I run dban on the external hard drive?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users