Necessary virus? I have been stupid again...

This is my boss' computer and I have been stupid - again... It it came from total Windows re-istall from a shop a week ago, with no malware protection. I have just downloaded Avast (because I wanted to protect my flash drive, I don't otherwise care about my boss' the computer), which keeps finding the same virus all over the place: Win32:VB-BVQ[Wm]

Unfortunately I chose to put some files into a chest before I smelled a rat: this is an illegal copy of Windows XP home and I suspect the virus is used to crack the genuine code. Now I have to manually locate every program from program files and Windows programs, like Paint, too corruted to open at all. What shall I say to my boss - this is the second time it's happened?

Also all my word files are infected and it is really embarrassing to get an internet cafe virus checker to flash with every file I open. The worst thing is that if I let the virus to be healed, I don't seem to be able to open my files any more (created in this "infected" machine) I put a lot of effort to write them; I need them for my work.So please, please give me a hand if you can!

Here are my two questions:
1) How can I restore the files from the chest, so that the pc works as before
2) How can I heal my flash drive (let any virus checker to do it, once I've done using this PC, from this virus without losing my data?

 

Thanks I wunderdownunder but I dont think I dare to download any more programs, unless it's guaranteed I can remove it and with Windows behaving as erratically as it does, I'm afraid I cannot use add/remove programs ... I'm surprised IE hasn't been afftected (Thank goodness for that!)

 

Hi claptrap,
Sorry for your difficulties.

See if you can set your restore point back to a date prior to when you installed Avast. If you have not done this before, go to Start / All Programs / Accessories / System Tools / System Restore
Check the box to Restore my computer to an earlier time and click on Next. You'll see a calendar with highlighted dates. Choose one of the dates just preceeding the installation you described and allow your system to return to that date. See if this has a positive effect. If it does, don't assume the computer is now fine, but rather back up your own files before you do anything else.

abri

 

Thanks abri. I tried that but none of the system restore points worked. I had a similar problem with my own machine, with only some restore points working.

When I have been satisfied I have a clean, working pc, with all the necessary programs I want (security and utility programs) I have tried to create a restore point but none of them are ever successful, though I follow the instructions on screen. I am not sure if I'm messing it up or what the problem is, but I sure would like to be able to do that, rather than trust Windows own timing'for restore points!

 

Hi claptrap,

I need a little more information. When the total Windows reinstall on your boss's computer came back from the shop, was the fresh install actually clean? Did you install Avast before you ever put your flash drive into the computer and download the updates and run it to see if the fresh install was in fact clean? Or did you put your flash drive in before running the virus check?

My question is, do you think the infection was a virus showing up in your boss's fresh reinstall called Win32:VB-BVQ[Wm] or do you think it was the result of your putting an infected flash drive into the computer? In more simple terms, do you think his computer infected your flash drive or do you think your flash drive infected his computer?

Is it correct that after you installed and ran Avast, you quarantined what it found and this led to corruption in some of the Windows programs which led you to believe that this worm identified by Avast might in fact be a crack? Or do you know through a different source of information that this is an illegal copy, for instance that he might have mentioned it?

To get more information about this, you need to first establish for yourself whether the copy of XP Home is illegal. Begin by doing two things. First open Windows Explorer (right click on the Start button and then on Explore) and then click on the ? at the top of the page. There you should find the question "Is this a legal copy of Windows?" If it's there, click on this and see what happens. If it's not there, make a screen shot of it and store it on an external medium like a flash drive or cd.

Then also look on the computer casing itself to see if you can tell whether this was a computer which was originally delivered with the operating system installed. There is usually a sticker on the back or the bottom of the computer, depending on whether it is a tower or a laptop.

The reason I'm asking all these questions is because if you know that your boss has illegal software on his computer, then you have every reason to be worried he may have infected your own data. If you think you might have infected his computer, then it would be best to clean it up. The problem is, if it really is an illegal copy, then it will be hard to ever get it cleaned up, so the first thing you need to establish is whether it is a legal copy with a working activation key. If it is, we can help you clean it using the procedures in the READ & RUN ME FIRST.

If you discover that the copy your boss is using really is illegal and that you've caused problems with it by quarantining the crack, you may wish to confront him about it and hand him a newly purchased legal copy of XP Pro. They are still available if you look around a bit. If on the other hand, the copy is legal and you have every reason to believe it was your own flash drive which infected it, then I would simply throw yourself at his mercy and ask him if he will allow you to clean it using our help, or if he would allow you to pay for a reinstallation from the shop. Either way, I believe if you want to continue in his good graces, it may mean some expense to yourself.

Please let me know how you get on with this and what you would like to do?

abri

 

Thanks abri. I'm afraid the copy of windows is illegal: he says he has a legal Korean copy but got this one installed so non-Koreans, like me, can use it... As for illegal copy, as soon as the pc starts, and regularly when using the pc, a message pops up telling the copy is counterfeit.

I downloaded and used Awast before using my flash drive, so I am pretty much sure the virus was there from the start - I find it difficult to imagine that the same virus, and nothig else,had got into his coputer twice by accident... That made me think the virus might have been a crack, especially as it seems to be attached in so so many Windows programs and processes.... I don't know if the p'c had a complete re-install or just an installation of top. I have now finished my employment in there (pre-planned, nothing to do about the computer) but I still have my infected flash disk with data I really don't want to loose, so ny advise about cleaning/ saving data would be much apreciated. I am now on holiday, using internet cafes but I will be back beginning of June and my first priority will be the flash disk - also copying data from another flas drive that's got corrupted and doesn't allow the normal copy process (I can only read the data in that one). So advise on that in also welcome.

 

Hi claptrap,

Please try scanning the flash drives with the BitDefender online scan which has to be run with Internet Explorer and with Active X enabled. Go to Running BitDefender Online Scan and click on I agree. After that it should install the active X and update. Then there will be a window with Start Scan. Before you click on Start Scan, look in the box just above this for two links in small bold red and click on the upper one which will allow you to select the drive you want to have scanned. Select your flashdrive. There are instructions for retrieving a log we can use. Please follow these.

Let me know how this goes?
abri

 

Thanks abri, I will do this as soon as I can (I'm still on the move) - does this scan need to be installed into the machine?

I did run some online scanner before downloading Avast - I don't remember which is was, only that I recognised it as well known, legitimate one - which deleted all the files as it couldn't heal them... a reason why the machine was due to complete re-install in the first instance: it was the same virus all over again, and a couple of others that had come from porn sites (not me, my boss most likely).

Obviously I don't want the same to happen to my flash drive, only to create a log: is BitDefender one of those?

 

Hi claptrap,
Bit Defender Online Scan will install an Active X component and download updates. The program itself runs from the server, not on your computer. BitDefender will fix anything if you leave it at the default setting. It will attempt to fix it and if it can't, it will delete it. If you change the settings at the start, (those two small links in the box just above the Start Scan button) then you can have it do a scan only. The reason I recommend it, is so that you can scan only your flash drive without having to scan the pc. I am assuming if there's a keygen for the os, that it is not located on your flashdrive, so getting any malware out of your flashdrive would be in your interest. If you use the instructions I gave you and have it only scan your flashdrive, then it should not do anything to any files on the computer.
abri