+ Post New Thread
Results 1 to 7 of 7
Windows Thread, badsrc-c infection need help removing from windows in Technical; Have a case of a bad infection of Badsrc-C which has infected a teachers laptop and she has bought into ...
  1. #1
    HMCTech's Avatar
    Join Date
    Apr 2008
    Posts
    618
    Thank Post
    37
    Thanked 48 Times in 35 Posts
    Rep Power
    22

    badsrc-c infection need help removing from windows

    Have a case of a bad infection of Badsrc-C which has infected a teachers laptop and she has bought into school. The process tab shows several unusuall .exe files and others running like Zero.txt blank.doc, Sophos has not been able to remove it and their sav32cli shortcut is unable to open the boot\bcd.

    Looking for help in removing this virus if anyone has any great tips. Also the virus likes to infect any .exe you try to run.
    Last edited by HMCTech; 10th September 2008 at 08:40 AM.

  2. #2
    bizzel's Avatar
    Join Date
    Jul 2007
    Location
    Cambridge
    Posts
    654
    Thank Post
    102
    Thanked 204 Times in 72 Posts
    Rep Power
    51
    Grab any work you can and nuke it from orbit! Also, make sure it's fully network isolated (I'm sure you know that anyway). Maybe Bitdefender Free can sort it out?

  3. #3
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    42
    Do you have a bootable PE disc such as UBCD4win or Bart's PE?

    (Google them for more info)

    They have anti-virus software on that should be able to help you. You boot to the disc rather than windows, so cleaning your system is far easier.

  4. #4
    HMCTech's Avatar
    Join Date
    Apr 2008
    Posts
    618
    Thank Post
    37
    Thanked 48 Times in 35 Posts
    Rep Power
    22
    Quote Originally Posted by bizzel View Post
    Grab any work you can and nuke it from orbit! Also, make sure it's fully network isolated (I'm sure you know that anyway). Maybe Bitdefender Free can sort it out?
    I did nuke her desktop because it was a school one and she should of saved her work to the network share. However she is not to happy about me doing it to her laptop. It may be the final option but looking at every avenue first. I will give bitdefender a try.

  5. #5
    Sirbendy's Avatar
    Join Date
    Nov 2005
    Posts
    2,298
    Thank Post
    8
    Thanked 202 Times in 153 Posts
    Rep Power
    109
    Had a few of these, damn staff.

    Download "IttyBitty Process Manager" to a pen, boot laptop in safe mode, run that and nuke any suss processes. I've seen things merrily hide from taskman.

    Use MSCONFIG to stop any startup nonsense.

    Bog off the resident AV - if it was any use it wouldn't get into that mess. I always install Avast! AV, and set for boot time scan.

    Boot it, let it run through and raise eyebrows as you nuke the nasties.

    If all else fails, build and boot off a PEBuilder CD, ghost the laptop HDD off to an image on the network, nuke the heap and start again, then get the AV installed and tested OK, and THEN copy the files out of the ghost image using Ghostwalker. Any nasties get nuked by the (now functional) AV.

    I've lost count of the amount of machines that cross my path in a hideous /unuseable state with AV that's merrily reporting all systems go. IMO, if you can't backup your data you deserve to lose it. Not that I ever do.

  6. #6

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Avast have a boot CD you can download to scan your PC with.

    avast! BART CD

  7. Thanks to Geoff from:

    speckytecky (10th September 2008)

  8. #7
    tomscaper's Avatar
    Join Date
    Jul 2006
    Posts
    814
    Thank Post
    118
    Thanked 29 Times in 15 Posts
    Rep Power
    22
    I would tell her, that its to late only option is to wipe it, if she doenst like it she can go elsewhere.

    Quote Originally Posted by AlexPilot View Post
    I did nuke her desktop because it was a school one and she should of saved her work to the network share. However she is not to happy about me doing it to her laptop. It may be the final option but looking at every avenue first. I will give bitdefender a try.

SHARE:
+ Post New Thread

Similar Threads

  1. Removing Ranger
    By alan-d in forum Windows
    Replies: 17
    Last Post: 7th September 2009, 02:09 PM
  2. Removing Domain and rebuilding
    By HodgeHi in forum Windows
    Replies: 4
    Last Post: 24th July 2008, 10:47 AM
  3. Removing a GPO
    By _Bat_ in forum Windows
    Replies: 12
    Last Post: 3rd May 2007, 04:27 PM
  4. Removing Profiles on a Server
    By wesleyw in forum How do you do....it?
    Replies: 2
    Last Post: 22nd August 2006, 10:01 PM
  5. Removing printers
    By RobC in forum Scripts
    Replies: 23
    Last Post: 7th March 2006, 02:30 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •