Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Asinine08, Jul 6, 2009.

  Asinine08


    So I downloaded FRAPS off of a website that I found on Google and within 2 seconds of installing the program (freeware) I got a blue screen of death.

    I shut off my pc and booted up; once everything started to load I was getting the fake WINDOWS security alerts and I could see that the program was trying to download something and complete the install.

    I immediately pull the plug on my modem and grab a laptop to start my 8 hour resolve only to discover that my computer basically has AIDS and is destined for the depths of hell.

    It is what it is and I knew I was in for a ride when my pc BOD on me but my question is do you guys think I may have a chance to beat this thing since it didn't finish downloading what it was trying to?

    I ran a scan in safe mode and I thought it worked but it didn't and now I made a boot disc and I'm in the middle of a 7 hour scan so far.. I really have no issues with a reformat which regardless of outcome I will do but a few questions are:

    1. I have 200 Gigs of Music can they be saved?
    2. Can this Virus spread to my slave even if I save no .exe's?
    3. What is the complete list of file types that can carry this virus?
    4. Is there an EFFECTIVE scanner that will ENSURE the safety of salvaged files?

    I am going to make the assumption that just like any program it takes time to infect a PC, it's not something that is done instantly.... I had a slave drive with over 400 Gigs of programs but they were on a physically separate drive not being used. Is there a way to scan it and know 100% that it's safe?

    Most of the stuff on the drive I can get back but there are some things that I must have... I just need suggestions and maybe directions on safely getting data that I need, keeping me at minimal risk of re-infection of my new install.

    The Virus seems to install on ALL .exe's that are in startup and in almost all drivers on the computer.....

    SAFE mode without Networking is the only time the VIRUS seems not to be running. If I run it in safe mode with networking it tries to download files and I pull the plug and reboot in safe mode. Note: When I pull the plug the status bar stops and the Virus hangs... To me this is a good thing, it tells me that it needs something to complete its masterpiece on my pc.

    Anyway... Lastly what Anti Virus program do the powers that be here at Major Geeks recommend to protect me from this virus in the future.. Can this be detected before infection, can it be stopped?

    Thank you in advance.
  chaslang

    chaslang MajorGeeks Admin - Master Malware Expert

    If you really have a Virut infection, your safest, most reliable course of action is to delete partitions (all), format and reinstall.

    Unknown. MP3, WMV, ...etc can possibly carry the infection.

    Depends on what you call an executable. And no, there is not a complete list since there are many forms of these infections and things change over time. We have seen EXE, DLL, SCR, HTML, MHT, AVI, and more being infected.

    No guarantees but you could try some various scans from AV companies. They all have tools for trying to work with Virut and similar infections. The problem is that they are not always reliable and many times the fix is to delete the file.

    You can scan it with a good antivirus program but if you scan it from the PC that is already infected then the scanner itself is most likely already infected and the act of scanning the slave drive will infect the files being scanned (if they are not already infected).

    Last edited: Jul 7, 2009

