Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC

Status
Not open for further replies.
B

bear

I download remove virus programme but I could not open and run them. like comboFix & Malwarebytes, and now won't let me open avg web page or other helpful webpage.

Could not go to safe mode either.

I am using AVG 8.5 and it is wdw xp

could not go to helpful website but being hackjact to other malicious page.

It seems that I could not do anything becasue the registry being infected?

sorry I don't know any technical term to describe or run the dot programme to show the problem

Any advice please please, I just get on the internet in 2 days and haven't backed up all my personal file, so worry now....

If I reinstalled xp, would all my pre-factory installed things like 'nero' gone as well.

Thanks in advance.
 
"If I reinstalled xp, would all my pre-factory installed things like 'nero' gone as well"...

Yes, but you may have no other choice... When you reinstall XP please do a full format and not a quick format
 
bear , if you're still having this problem we need to confirm Virut:

Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC

Virut is a Polymorphic File Infector that infects .EXE and .SCR files. It opens a Backdoor by connecting to a predefined IRC Server and waits for commands from the remote attacker

And I can say anything better or different than what you can read here:
http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html


Change all of your passwords and monitor any online transactions.
So don't waste you time - Don't look for 'guaranteed removals'- there aren't any.

Before we can continue please do the following:

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
    • c:\windows\system32\userinit.exe
  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
Also scan these,

C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe


If Virut is confirmed, I will recommend a reformat/reinstall right up front. but if it not confirmed, perhaps we can clean some of it up.
 
Status
Not open for further replies.

Similar threads

Julio Franco
Here's how you can get hired at your dream tech company
Replies
3
Views
141
erickmendes
erickmendes
Bob O'Donnell
The surprise winner for generative AI
Replies
4
Views
609
kiwigraeme
K
Scorpus
AMD promises upscaling quality improvements with FSR 3.1 update, adds Vulkan and Xbox...
Replies
7
Views
159
Puiu
Puiu

Latest posts

Back