twig123 Posted February 17, 2009 (edited)

Hey all,

I have run into a problem... I got a system that is infected with a variant of the Virut & Cutwail infections that are NOT current detections in any of the 39 common antiviruses (verified on the VirusTotal website).

Here is my situation: I need to get the computer up and running again ASAP... so I am going to format and reinstall Windows; however, it irks me that I could not fix the infection. I would also like to help the AV companies out there by submitting the infections.

What I need help doing is creating a clone of a physical drive so that I can play around trying to clean the infection within a VirtualPC... anyone have any ideas, or what is the best way I can do this?

Thanks in advance

Edited February 17, 2009 by twig123

Netman66 Posted February 17, 2009

You may have some luck using something from this article:
http://www.rtfm-ed.co.uk/?page_id=174

You want a P2V tool to create your Virtual Machine from the Physical one.

twig123 Posted February 17, 2009 (edited)

> You may have some luck using something from this article:
> http://www.rtfm-ed.co.uk/?page_id=174
>
> You want a P2V tool to create your Virtual Machine from the Physical one.

Thanks, I will take a peek at this later (lol, I like how the name of the site is RTFM Edu)

Edited February 17, 2009 by twig123

sevenalive Posted February 23, 2009

The only thing you can do is submit the infected file to the AV companies.

That's why I don't use the anti programs, they are only good if the rules are in their database. You could be infected right now and not even know it; as long as there isn't mass distribution, how will anyone know?

For example, I can create a virus and embed it into any file I want and send it to ya. You run the program or whatever, you know nothing. Since I didn't wide release and as long as it's not noticeable, you would never know.

Here is what you could do in the future:

- DeepFreeze or other solution
- Format, reinstall, set it up then create an image, so in the future if this happens, restore the image, update, and update the image (best solution).
- Don't get infected.

Virus Total is a good tool, I run untrusted software through there all the time, but I still run it in a VM.