also @ TechSpot: Google begins building out 1Gbps Internet to two U.S. cities
Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Sign up or Login to participate.
Go Back   TechSpot OpenBoards > Tech Support > Virus and Malware Removal
Reload this Page Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC

Begin your free trial now Pay-as-you-go options starting at $10/user/month

Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC
Thread Tools Search this Thread
  #1  
Old 11-14-2009
Newcomer, in training
  
Member since: Nov 2009, 1 posts
Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC
I download remove virus programme but I could not open and run them. like comboFix & Malwarebytes, and now won't let me open avg web page or other helpful webpage.

Could not go to safe mode either.

I am using AVG 8.5 and it is wdw xp

could not go to helpful website but being hackjact to other malicious page.

It seems that I could not do anything becasue the registry being infected?

sorry I don't know any technical term to describe or run the dot programme to show the problem

Any advice please please, I just get on the internet in 2 days and haven't backed up all my personal file, so worry now....

If I reinstalled xp, would all my pre-factory installed things like 'nero' gone as well.

Thanks in advance.
  #2  
Old 11-16-2009
Tmagic650's Avatar
TechSpot Ambassador
  
Location: "The Treasure State" USA
Member since: Aug 2006, 14,639 posts
System specs
"If I reinstalled xp, would all my pre-factory installed things like 'nero' gone as well"...

Yes, but you may have no other choice... When you reinstall XP please do a full format and not a quick format
  #3  
Old 11-20-2009
Bobbye's Avatar
Helper on the Fringe
  
Location: Florida
Member since: Mar 2007, 14,987 posts
bear , if you're still having this problem we need to confirm Virut:

Win32/heur, sin32/virut, Vundo B & Trohan Generic 15. AUWC

Virut is a Polymorphic File Infector that infects .EXE and .SCR files. It opens a Backdoor by connecting to a predefined IRC Server and waits for commands from the remote attacker

And I can say anything better or different than what you can read here:
http://miekiemoes.blogspot.com/2009/...-throwing.html


Change all of your passwords and monitor any online transactions.
So don't waste you time - Don't look for 'guaranteed removals'- there aren't any.

Before we can continue please do the following:
  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
    • c:\windows\system32\userinit.exe
  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
Also scan these,

C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe


If Virut is confirmed, I will recommend a reformat/reinstall right up front. but if it not confirmed, perhaps we can clean some of it up.
Closed Thread

Similar Topics
Topic Replies Forum
[Not curable - Virut] Help with Win32/Heur. Log fies included 7 Virus and Malware Removal
Win32/Heur & Win/Virut Virus detected by AVG. Need help 15 Virus and Malware Removal
Viruses! Virut, heur, cryptor 34 Virus and Malware Removal
Help with: Trojan Dropper.Generic.AINC, Win32/Virut, Others 17 Virus and Malware Removal
Win32/Heur + TR/Vundo.Gen, possibly some others 26 Virus and Malware Removal

Thread Tools Search this Thread
Search this Thread:

Advanced Search
All times are GMT -4. The time now is 02:09 PM.