Avast WEBforum

Business Products => Archive (Legacy) => Avast Business => Avast Server Protection => Topic started by: 2thtek on August 12, 2007, 10:29:08 PM

Title: feeb family virus
Post by: 2thtek on August 12, 2007, 10:29:08 PM
Yep I have the Feeb family Virus >:(  It is in the Chest for now BUT I went to do an advance scan on the boot schedule and When it came time to click on an action I already had placed the virus in the chest  when I was alerted I had it!
A pop up tells me that IF I click on   Confirm>> Delete or move " Are you sure? Changing your system can harm you further,, :o sooooooooooooooo  Now what do I do  and HOW can I get rid of it??  HELPPPPPPPP  It has got my whole system running slow and  choppy!!!!!!!!  ::)
Title: Re: feeb family virus
Post by: Lisandro on August 12, 2007, 11:38:02 PM
If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:

1. Disable System Restore on Windows ME (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887) or Windows XP (http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405). System Restore cannot be disabled on Windows 9x and it's not available in Windows 2k. After boot you can enable System Restore again after step 3.

2. Clean your temporary files. You can use CleanUp (http://www.stevengould.org/downloads/cleanup/) or the Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html) features for that.

3. Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (http://support.microsoft.com/default.aspx?scid=kb;en-us;315222) (repeatedly press F8 while booting).

4. It will be good if you download, install, update and run AVG Antispyware (http://www.ewido.net/en/). Some users recommend SUPERantispyware (http://www.superantispyware.com), Spyware Terminator (http://www.spywareterminator.com/) and/or a-squared (http://www.emsisoft.com/en/software/free/) (take care about false positives).
If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.

5. If you still detecting any strange behavior or even you're sure you're not clean, maybe it will be good to test your machine with anti-rootkit applications (http://www.antirootkit.com/software/index.htm). I suggest AVG (http://www.grisoft.com/doc/download-free-anti-rootkit/us/crp/0), Panda (http://research.pandasoftware.com/blogs/research/archive/2007/04/27/New-Panda-Anti_2D00_Rootkit-_2D00_-Version-1.07.aspx) and/or F-Secure BlackLight (http://www.f-secure.com/blacklight/try_blacklight.html).

6. Also, if you still detecting strange behaviors or you want to be sure you're clean, maybe making a HijackThis (http://www.bleepingcomputer.com/files/hijackthis.php) log to post here and, specially, scan and submit to on-line analysis the RunScanner (http://www.runscanner.net/) log would help to identify the problem and the solution.

7. After you're clean, use the immunization of SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) or, which is better, the  Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html) features of spyware/adware cleaning and removal.

8. Finally, when you're clean, check for insecure applications with Secunia Software Inspector (http://secunia.com/software_inspector/) to update insecure applications and avoid reinfection.
Title: Re: feeb family virus
Post by: DavidR on August 13, 2007, 12:02:09 AM
Are you really using the avast 4 server version ?

FEEBS Family may have rootkit element:
Check out this forum post http://forum.avast.com/index.php?topic=27169.msg221376#msg221376 (http://forum.avast.com/index.php?topic=27169.msg221376#msg221376).
Also a http://www.f-secure.com/v-descs/feebs.shtml (http://www.f-secure.com/v-descs/feebs.shtml) feebs removal tool.
Title: Re: feeb family virus
Post by: juancholo on September 16, 2007, 09:17:00 PM
mire lo q pasa. primero que todo soy latino y me gustaria q me respondiera en español, lo q pasa es q un virus me desactivo el avast y nose donde activarlo solo necesito esa informacion de antemano gracias por lo q me puedan ayudar
gilberto segura villa
si decea me podria responder a este correo
kakaroto_sv@hotmail.com
gracias
Title: Re: feeb family virus
Post by: Lisandro on September 16, 2007, 10:04:34 PM
mire lo q pasa. primero que todo soy latino y me gustaria q me respondiera en español, lo q pasa es q un virus me desactivo el avast y nose donde activarlo solo necesito esa informacion de antemano gracias por lo q me puedan ayudar
gilberto segura villa
si decea me podria responder a este correo
kakaroto_sv@hotmail.com
gracias
Well... it should be an English-only forum...
Could you please, go to an automated translation service, copy & paste your text and get, at least, an automated translation of your writings?
Thanks.

http://world.altavista.com/
http://dictionary.reference.com/translate/text.html
http://www.freetranslation.com/
http://www.worldlingo.com/en/products_services/worldlingo_translator.html
http://translation2.paralink.com/

Besides, you seem to have another antivirus blocking avast installation (or, at least, you did not uninstall it correctly). Which is this antivirus?
Welcome to forums.

P.S. Remove your email if you don't want to be flood with spam 8)