Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus: Backdoor.rustock.r


  • Please log in to reply
2 replies to this topic

#1 Matthew Alan

Matthew Alan

  • Members
  • 105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tennessee
  • Local time:02:02 AM

Posted 03 March 2007 - 06:54 PM

I get a Virus Alert: Backdoor.Rustock.R has infected, C:\DOCUME~1\Owner\LOCALS~1\Temp\winsyst32.exe and is unable to repair or delete this file. How can I delete this?

Here is a ScreenShot: Posted Image





Moved from the "XP Forum". ~acklan~

Edited by acklan, 03 March 2007 - 07:24 PM.


BC AdBot (Login to Remove)

 


#2 HIPPO1023

HIPPO1023

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:02:02 AM

Posted 03 March 2007 - 07:34 PM

Read HERE, but don't perform it.
You are infecting with "Rootkit", I think.
I strongly recommend that you solve this problem with an expert.
Please read HERE, and post your HijackThis log file to "HijackThis Logs and Analysis" of this forum.

#3 buddy215

buddy215

  • Moderator
  • 13,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:02 AM

Posted 03 March 2007 - 07:35 PM

This describes your infection:
http://www.bleepingcomputer.com/startups/WinSyst32-6812.html

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

Post a Hijack This log in the appropriate forum by following the directions in the link below.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users