Please HELP 25 viruses

This is a humanitarian plea for help I am currently working in Africa and one of the local charities have a computer that is full of viruses and have asked me to take a look to see if I could help, I first downloaded avast free edition and manually downloaded the updates but it refuses to install the program, I have tried taking all their files off to eventually format the whole thing and start again it wont transfer the files,
I tried starting in safe mode but it blocks the arrow keys so that when I press F8 and get onto the screen I can’t select safe mode their computer will not connect to internet neither!!

Can anyone pleae help?? ???

Thanks :slight_smile:

Do you have access to a computer that can burn a CD ?

Please print these instruction out so that you know what you are doing

File details OTLPEStd.exe
Bytes=97,702,766
MB=93.1
MD5=FC1A07D156DE710955032B1CF7891671

[*]Download OTLPEStd.exe to your desktop
[*]Ensure that you have a blank CD in the drive
[*]Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD

[*]Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
[*]As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :slight_smile:

[*]Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
[*]Double-click on the OTLPE icon.
[*]Select the Windows folder of the infected drive if it asks for a location
[*]When asked “Do you wish to load the remote registry”, select Yes
[*]When asked “Do you wish to load remote user profile(s) for scanning”, select Yes
[*]Ensure the box “Automatically Load All Remaining Users” is checked and press OK
[*]OTL should now start.
[*]Drag and drop this attached scan.txt into the Custom scans and fixes box
[*]Press Run Scan to start the scan.
[*]When finished, the file will be saved in drive C:\OTL.txt
[*]Copy this file to your USB drive if you do not have internet connection on this system.
[*]Right click the file and select send to : select the USB drive.
[*]Confirm that it has copied to the USB drive by selecting it
[*]You can backup any files that you wish from this OS
[*]Please post the contents of the C:\OTL.txt file in your reply.

Thank you essex boy I was just reading the thread where you helped a guy in spain Jokera, I am full of hope again I will get back to you withing the next 24 Hrs

Hi you have a file infector - Virut and Sality. One is bad enough but two is a disaster. In a situation like this I would go for your first option and reformat. OTLpe will enable you to recover your files from the infected computer

Well, I'm afraid I have bad news for you.

You have been infected with a polymorphic file infector named Virut. This infection will spread to every executable file in your computer, and unfortunately the only cure for it is to Reformat and Reinstall.

Right now, the best thing you can do is to backup, preferably to CD, all your important data, documents, pictures, movies, and songs.

DO NOT backup any applications or installers and DO NOT backup any files with the following extensions:
[].exe
[
].scr
[].htm
[
].html
[].xml
[
].zip
[].rar
[
].jpg
[*].pdf

For more information on Virut, and why you need to reformat, have a read of miekiemoes blog here.

To find out how to carry out an XP Reformat and Reinstall, please see this page. If you are using Vista, then check this page instead.

Once you have reformatted and reinstalled Windows, have a look at this page for some useful tips on staying clean, along with links to some freeware to help.

To find out more information about how you may have got infected in the first place, you can read this article.

I am sorry I cannot give any better news.

Damn bad news here is a report that avast created after scanning a USB key infected by this computer maybe that might change things I know its a shot in the dark, secondly will I be able to keep all the word and excel files? as some of them are very important??

( miekiemoes / Assistant Director of Research @ Malwarebytes )
Virut and other File infectors - Throwing in the Towel?
http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html

Why not backup .jpg files, don’t tell me .jpg files can be infected too?

And .htm and .html files - they can be manually cleaned can’t they?

First you need to wipe the USB drive completely by a full reformat. Back up the word and excel documents to a cd and then scan them prior to replacing on the reformated system. The scan I would recommend for the checking of the CD files would be Dr Web as those type of files it should be able to cure. The ones that I would not bother trying to cure are any executable files, macros or zip type archives

  1. Can JPG, GIF, and other image files be infected? http://www.mcafee.com/us/threat_center/outbreaks/faqs.html#6

Yes. Some software programs have vulnerabilities that contaminate JPG image files with malicious code. Contaminated JPG files can carry or launch a virus, worm, or Trojan on unpatched systems.

JPEG “Virus” Facts
http://www.secureworks.com/research/threats/jpegvirus/

Perrun virus
http://antivirus.about.com/od/virusdescriptions/a/perrun.htm