I assume it's best for each individual to start their own threads instead of piggybacking on other previous Win32/heur threads so everybody can keep stuff straight. I'm currently working on the 8 steps and running step 1 with avast!. I'm doing a boot scan and it's telling me:
"File C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe is infected by Win32:JunkPoly [Cryp]".
When I tried to move it to the chest, it said "File is in Windows folder, are you sure?"
Should I say yes or no? Since it's an .exe, I'm concerned that moving it may cause further undesirable damage. So if someone could tell me whether to move this file or not, I'll then be on my way and will get the 8 steps and log results posted ASAP, as well as the other circumstances surrounding this nasty infection.
I'm on a 5-weeks old Dell Vostro 2510 running XP. Yes, only 5 weeks old. Ugh.
I went ahead and moved everything infected in the WINDOWS folder to the chest. So far so good, I guess. Can still move around in Safe Mode with no problem and still just getting the blue screen if I try to boot into XP normally. However, one of 40 infected files that showed up was NOTEPAD.EXE, infected by Win32:JunkPoly [Cryp] (in fact, 32 of the 40 infected files were infected by JunkPoly. Nasty little bugger). I told it to ignore it since I read that NOTEPAD.EXE will trigger a false-positive. Is anyone sure about that? Obviously I don't want to post .txt logs as attachments on the board here if my Notepad itself is infected.
Those scans in the previous post were actually the first I'd seen of Virut and Vitro in my PC. All it had been up to that point was a lot of Win32:JunkPoly and a few trojans. And actually, this all started as AVG picking up "Win32\heur" and it's gotten bigger/worse from there.
I also ran a boot scan late last night. Here's what it turned up:
I want to do the 8 steps and one of the programs suggested is Malwarebyte's Anti-Malware, but I can't even get it to install correctly because I'm getting 2 run-time errors. Tried renaming the .exe file as someone suggested, but that didn't help install either. So apparently I can't run that program.
I'm going to try DrWebCureIt to see if that does anything at all for me, but I think I'm probably looking at a format ahead. I'll post the result of the DrWebCureIt scan when (and if) it finishes. Any advise or suggestions (or sympathy
) in the meantime would be appreciated.
Moderator Edit:
Pasted logs removed. All logs must be attached only
Also you must follow this guide for support: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
"File C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe is infected by Win32:JunkPoly [Cryp]".
When I tried to move it to the chest, it said "File is in Windows folder, are you sure?"
Should I say yes or no? Since it's an .exe, I'm concerned that moving it may cause further undesirable damage. So if someone could tell me whether to move this file or not, I'll then be on my way and will get the 8 steps and log results posted ASAP, as well as the other circumstances surrounding this nasty infection.
I'm on a 5-weeks old Dell Vostro 2510 running XP. Yes, only 5 weeks old. Ugh.
I went ahead and moved everything infected in the WINDOWS folder to the chest. So far so good, I guess. Can still move around in Safe Mode with no problem and still just getting the blue screen if I try to boot into XP normally. However, one of 40 infected files that showed up was NOTEPAD.EXE, infected by Win32:JunkPoly [Cryp] (in fact, 32 of the 40 infected files were infected by JunkPoly. Nasty little bugger). I told it to ignore it since I read that NOTEPAD.EXE will trigger a false-positive. Is anyone sure about that? Obviously I don't want to post .txt logs as attachments on the board here if my Notepad itself is infected.
Those scans in the previous post were actually the first I'd seen of Virut and Vitro in my PC. All it had been up to that point was a lot of Win32:JunkPoly and a few trojans. And actually, this all started as AVG picking up "Win32\heur" and it's gotten bigger/worse from there.
I also ran a boot scan late last night. Here's what it turned up:
I want to do the 8 steps and one of the programs suggested is Malwarebyte's Anti-Malware, but I can't even get it to install correctly because I'm getting 2 run-time errors. Tried renaming the .exe file as someone suggested, but that didn't help install either. So apparently I can't run that program.
I'm going to try DrWebCureIt to see if that does anything at all for me, but I think I'm probably looking at a format ahead. I'll post the result of the DrWebCureIt scan when (and if) it finishes. Any advise or suggestions (or sympathy
) in the meantime would be appreciated.Moderator Edit:
Pasted logs removed. All logs must be attached only
Also you must follow this guide for support: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
