Windows Thread, badsrc-c infection need help removing from windows in Technical; Have a case of a bad infection of Badsrc-C which has infected a teachers laptop and she has bought into ...
10th September 2008, 09:34 AM #1
badsrc-c infection need help removing from windows
Have a case of a bad infection of Badsrc-C which has infected a teachers laptop and she has bought into school. The process tab shows several unusuall .exe files and others running like Zero.txt blank.doc, Sophos has not been able to remove it and their sav32cli shortcut is unable to open the boot\bcd.
Looking for help in removing this virus if anyone has any great tips. Also the virus likes to infect any .exe you try to run.
Last edited by HMCTech; 10th September 2008 at 09:40 AM.
10th September 2008, 09:45 AM #2
Grab any work you can and nuke it from orbit! Also, make sure it's fully network isolated (I'm sure you know that anyway). Maybe Bitdefender Free can sort it out?
10th September 2008, 09:47 AM #3
Do you have a bootable PE disc such as UBCD4win or Bart's PE?
(Google them for more info)
They have anti-virus software on that should be able to help you. You boot to the disc rather than windows, so cleaning your system is far easier.
10th September 2008, 09:49 AM #4
I did nuke her desktop because it was a school one and she should of saved her work to the network share. However she is not to happy about me doing it to her laptop. It may be the final option but looking at every avenue first. I will give bitdefender a try.
Originally Posted by bizzel
10th September 2008, 02:01 PM #5
Had a few of these, damn staff.
Download "IttyBitty Process Manager" to a pen, boot laptop in safe mode, run that and nuke any suss processes. I've seen things merrily hide from taskman.
Use MSCONFIG to stop any startup nonsense.
Bog off the resident AV - if it was any use it wouldn't get into that mess. I always install Avast! AV, and set for boot time scan.
Boot it, let it run through and raise eyebrows as you nuke the nasties.
If all else fails, build and boot off a PEBuilder CD, ghost the laptop HDD off to an image on the network, nuke the heap and start again, then get the AV installed and tested OK, and THEN copy the files out of the ghost image using Ghostwalker. Any nasties get nuked by the (now functional) AV.
I've lost count of the amount of machines that cross my path in a hideous /unuseable state with AV that's merrily reporting all systems go. IMO, if you can't backup your data you deserve to lose it. Not that I ever do.
10th September 2008, 03:18 PM #6
Avast have a boot CD you can download to scan your PC with.
avast! BART CD
Thanks to Geoff from:
speckytecky (10th September 2008)
10th September 2008, 03:24 PM #7
I would tell her, that its to late only option is to wipe it, if she doenst like it she can go elsewhere.
Originally Posted by AlexPilot
By alan-d in forum Windows
Last Post: 7th September 2009, 03:09 PM
By HodgeHi in forum Windows
Last Post: 24th July 2008, 11:47 AM
By _Bat_ in forum Windows
Last Post: 3rd May 2007, 05:27 PM
By wesleyw in forum How do you do....it?
Last Post: 22nd August 2006, 11:01 PM
Last Post: 7th March 2006, 03:30 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)