UPS virus (NEED to REMOVE!)

View previous topic View next topic Go down

UPS virus (NEED to REMOVE!)

Post by judyvang on Thu Feb 04, 2010 12:09 am

Help!! I got an email saying that it's from UPS. It has a zipped file that once opened deploy braviax.exe and burito.exe on to the system. The bogus Packet Service messages claim a parcel sent by the user was undeliverable due to an incorrect address. The user is instructed to open an attachment containing a copy of the invoice. The attachment actually contains a virus that infected my computer!!
I can't believe I got this virus!!

I tried to get some online help as of downloading the SDFix however, I couldn't because the virus block me from going online!! I tried to save the file on a usb thumb drive from another computer and open it up on the infected computer but could not also!! Now I'm stuck!!

Please help me!!

judyvang
Novice
Novice

Status :
Online
Offline


Posts Posts : 6
Joined Joined : 2010-02-03
Gender Gender : Female
OS OS : windows vista

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by Belahzur on Thu Feb 04, 2010 12:43 am

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline


Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by judyvang on Fri Feb 05, 2010 4:51 pm

so.. i downloaded the OTL and copy it to a disk to run it on the infected computer... however, after it was scan, there was nothing in the notepad as well as the saved file on desktop.. what do i do now? should i scan it again?

judyvang
Novice
Novice

Status :
Online
Offline


Posts Posts : 6
Joined Joined : 2010-02-03
Gender Gender : Female
OS OS : windows vista

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by Belahzur on Fri Feb 05, 2010 5:10 pm

Yes, try again, see if anything different happens.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline


Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by judyvang on Fri Feb 05, 2010 5:17 pm

while scanning, a pop-up windows says no-disk and has the following info below.. c0000013 Parameters 75b6bf9c 4 75b6bf9c 75b6bf9c and says if i should continue or cancel.. i choose continue but after it scan, it came out blank in the notepad again..

judyvang
Novice
Novice

Status :
Online
Offline


Posts Posts : 6
Joined Joined : 2010-02-03
Gender Gender : Female
OS OS : windows vista

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by Belahzur on Fri Feb 05, 2010 6:43 pm

Okay, lets try this instead.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline


Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by judyvang on Mon Feb 08, 2010 11:40 pm

I could not install the file.. A window pop up saying: The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

I've tried several times and this keeps on poping up. What do I do now?

judyvang
Novice
Novice

Status :
Online
Offline


Posts Posts : 6
Joined Joined : 2010-02-03
Gender Gender : Female
OS OS : windows vista

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by Belahzur on Tue Feb 09, 2010 1:25 am

Hello.

Please download Ice Sword from [You must be registered and logged in to see this link.]

  1. Download the zip to your desktop and extract it.
  2. Open the Ice Sword folder and then launch IceSword.exe.
  3. Will IceSword open?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline


Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by judyvang on Tue Feb 09, 2010 6:23 pm

yes, i was able to open the folder..
from the functions, do i choose process or start-up?

judyvang
Novice
Novice

Status :
Online
Offline


Posts Posts : 6
Joined Joined : 2010-02-03
Gender Gender : Female
OS OS : windows vista

View user profile

Back to top Go down

Re: UPS virus (NEED to REMOVE!)

Post by Belahzur on Tue Feb 09, 2010 6:57 pm

Hello.


  • Now, on the left hand side tool, hit the Process button at the top of the list.
  • Just above the list, there is a log button, press that and save the log to your Desktop.
  • Next, hit the Startup on the left side list.
  • Press the log button again.
  • Post the two logs in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline


Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum