TechSpot

[Closed] Bamital/Patched-Rp/Smitnyl Trojan infection (Explorer, Userinit, Winlogon)j

By AlbionPT
Apr 6, 2011
  1. Greetings all.

    I'm trying to fix a friend's laptop from a serious virus/malware/trojan infection.

    I have ran a few anti-virus/spyware softwares in order to solve the situation (Avast, MalwareBytes, ESET Online Check , Hitman Pro 3.5) to see if I could clean the computer but after removing an absurd amount of "infected junk" (close to 900 files/entries!) I slammed aggainst a wall.


    Step 1: Avast detected:

    explorer.exe, useriniti.exe , winlogon.exe &
    Master Boot Record infected with Bamital/Patched-RP and Smitnyl. Deleting/Quarentine/Heal didn't work.

    Step 2: Ok

    Step 3:

    I was having a few issues in here. I had to use an outdated database 1st because whenever I tried to update I got a BSOD. After removing a few virus I managed to update without BSOD.

    Step 4 to 7: OK

    Extra: Even if it was not asked I ran HiJackthis and found a few "suspicious" entries on the "Host files", so I'm also adding a HJ Log to the thread.

    Also the computer is giving me a ' "explorer.exe" can't start cause a DLL is missing' but I see an explorer.exe instance on Task Manager.

    Since this is not my laptop I would really like to fix the issues without having to format...

    Thanks in advance.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Please, don't create double topics.
    I'm closing this one.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...