
Help with an infection


rudrax


For my download, I have made an export file from IDM and copied the temporary download folder to an external drive. Is it going to work on another machine?

Ensure that your privacy tools (such as CCleaner) are not set up/scheduled to wash/wipe your system and that you've also backed up the following registry entry:-

[HKEY_CURRENT_USER\Software\DownloadManager]

What's the current status of your system?

Hasn't the malware been decimated?

I don't know, as I don't dare to turn my AV on: if any infected exe files still remain, it will delete them all.


What's the current status of your system?

Hasn't the malware been decimated?

I don't know, as I don't dare to turn my AV on: if any infected exe files still remain, it will delete them all.

Ah, that's easy enough to test out - just recreate some of the .exe files that were previously deleted (from their original directories) and monitor the repercussions.

If you've followed my 3 heads-ups - the malware should not be able to get activated on boot (and would remain merely passive - if at all, in existence.)

Take a hard look at your hosts file, too, for any signs of tampering.

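One way to act on the hosts-file advice above, as an added example that is not part of the original thread: a small Python audit that lists every hosts entry other than the normal localhost mappings and flags those touching security-vendor or update hostnames. The watch-list, the sample file and every hostname and address in it are constructed assumptions.

```python
import ipaddress
import os

STOCK = {"localhost"}  # names that normally map to loopback
# Assumed watch-list: vendors named in this thread plus Windows Update.
WATCH = ("kaspersky", "eset", "webroot", "bitdefender", "quickheal", "windowsupdate")

# Constructed sample; every hostname and address below is made up.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.eset.example
203.0.113.7     www.kaspersky.example
0.0.0.0         ads.tracker.example
"""

def audit_hosts(text):
    """Return (line_no, ip, hostname, reason) for every entry worth a manual look."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        ip, names = fields[0], fields[1:]
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((n, ip, "", "unparseable address"))
            continue
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in (x.lower() for x in names):
            if name in STOCK and addr.is_loopback:
                continue                        # normal localhost mapping
            if any(w in name for w in WATCH):
                reason = "security/update host " + ("blocked" if sinkhole else "redirected")
            elif sinkhole:
                reason = "host sinkholed (could be a deliberate ad block)"
            else:
                reason = "static override of DNS"
            findings.append((n, ip, name, reason))
    return findings

if __name__ == "__main__":
    path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                        "System32", "drivers", "etc", "hosts")
    text = open(path, encoding="utf-8-sig", errors="replace").read() if os.path.exists(path) else SAMPLE
    for finding in audit_hosts(text):
        print("line %d: %s -> %s: %s" % finding)
```

Run it from a clean boot environment or another machine against a copy of the file where possible, since an active infection can interfere with what a running system reports.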


Do not use System Restore, under any circumstance(s) - that will cause your laborious IDM download to also go back in time.



As far as I know, System Restore does not affect personal files and documents. It will only restore program and system files on the drives for which you have it enabled. So, if you run a restore, I don't think your IDM download shall be interrupted or corrupted.

System Restore is the first basic step to take once an infection is suspected - not because of IDM.

When the system is disinfected, System Restore has the elevated privileges of restoring all the infections that were previously removed.

Agreed, and I do know.

I said so regarding how the default System Restore works when triggered.

In a normal clean state, it does work as I said and so helps, but when the system is infected, it can do system damage on the contrary,

and that is when (like here, in conditions like rudrax's case) it is pertinent to shut it down!

@rudrax ,

I didn't know you were d/ling an ISO. So, if System Restore is run, it might render your present d/l amount null!

And more so, it's not even recommended from a security standpoint...

I say your best bet is a Live Virus Killer tool.

I have used both KAV and Eset on two friends' systems and both of them worked for me...



Also, for added insurance - exclude the following 2 folders from all your security systems (at least, until your ISO is fully downloaded and out of the infected system):-

  • C:\Users\rudrax\AppData\Roaming\IDM
  • The actual directory wherever your usual downloads from IDM are configured to get saved.

Edit:-

This will also cause your downloads to speed-up.



unknownasphyxiated

Better finish the ISO first, then start thinking about how to deal with the infection :lol:

Because he already disabled his AV, I don't think he needs to do any exclusion.



Because he already disabled his AV, I don't think he needs to do any exclusion.

That's precisely the reason why I used the word Security Systems, instead of AV. :coolwink:



SnakeMasteR

Seriously, that is a POS infection. I don't think you can get rid of it completely without losing half of the important files.



Yea, flatten drive, redo. It's a bitch but that's what I had to do!!! :rolleyes:



Or,

Win32/Virut:

If the infected computer is connected to LAN, disconnect it and re-connect only after all other computers have been checked and cleaned.

  • Download the executable file rmvirut.exe
  • Then run the tool for removal of infected files. The tool will automatically scan all available discs and will try to heal the infected files. If an active virus is found in memory, the tool will ask the user to reboot the computer. Healing will be performed during operating system boot-up sequence, so any active virus cannot interfere with the healing process.
  • Update your A/S after restart and run a complete test.

:rolleyes: :)



1- Uncheck unknown (or suspicious) processes from Startup by using the "msconfig" command

2- Try installing Kaspersky or Bitdefender (known for being very good in disinfection capabilities); if you can't install it, try an updated bootable CD of the Kaspersky

Hope this helps =)



.....

After the infection my antivirus Webroot SecureAnywhere...

Something's wrong - You have Webroot SecureAnywhere, and you claim that you've got a virus. Something's gotta be wrong. You're protected on all sides - or not? Now, it might be time to ask for damages, if this slogan or ad is wrong and You aren't Secure Anywhere.



.....

After the infection my antivirus Webroot SecureAnywhere...

Something's wrong - You have Webroot SecureAnywhere, and you claim that you've got a virus. Something's gotta be wrong. You're protected on all sides - or not? Now, it might be time to ask for damages, if this slogan or ad is wrong and You aren't Secure Anywhere.

It has shocked me too. As my notebook was in my little brother's possession at the time of infection, he inserted and scanned a pen drive before opening it, but Webroot failed to detect anything. Then when he opened the pen drive, Webroot detected the infection and went crazy. This is the first time that Webroot has disappointed me.



What's the current status of your system?

Hasn't the malware been decimated?

I don't know, as I don't dare to turn my AV on: if any infected exe files still remain, it will delete them all.

Ah, that's easy enough to test out - just recreate some of the .exe files that were previously deleted (from their original directories) and monitor the repercussions.

If you've followed my 3 heads-ups - the malware should not be able to get activated on boot (and would remain merely passive - if at all, in existence.)

Take a hard look at your hosts file, too, for any signs of tampering.

Yeah I followed your steps and I have, now, the system restore disabled. Now, I will wait till my download completes and in between that if I find any problem with that malware, I will update here - please try to help me.



princenarwal

I had an infection like this 3 or 4 years ago (don't remember the threat name, but the symptom was the same). I tried two or three antiviruses but they could not repair the .exe files; then I tried Quick Heal and it repaired most of the .exe files. After that I repaired Windows and everything was working fine. Also, Quick Heal has a boot scanner option, so I would suggest you use an old Quick Heal version.

Maybe this will help you too. Best of luck..



Blackchildcx

did bootscan help?



You could also try to boot and scan from an ESET SysRescue / Kaspersky rescue media CD :)



did bootscan help?

Didn't try it, as it may delete the infected executables too, damaging the OS.



rudrax

You can try this; I had this issue before. After doing a full scan completely, it would majorly save your .exe files. This tool is specifically designed to cure this kind of infection. ;) Or you can use a rescue disk to do a full scan. Waiting for your answer, mate.



I had an infection like this 3 or 4 years ago (don't remember the threat name, but the symptom was the same). I tried two or three antiviruses but they could not repair the .exe files; then I tried Quick Heal and it repaired most of the .exe files. After that I repaired Windows and everything was working fine. Also, Quick Heal has a boot scanner option, so I would suggest you use an old Quick Heal version.

Maybe this will help you too. Best of luck..

I'm downloading Windows 8 and planning to format my system with it. Till then, I just need my OS to survive. Thanks for your help though.



rudrax

You can try this; I had this issue before. After doing a full scan completely, it would majorly save your .exe files. This tool is specifically designed to cure this kind of infection. ;) Or you can use a rescue disk to do a full scan. Waiting for your answer, mate.

Thanks buddy :)



Archived

This topic is now archived and is closed to further replies.
