Virus wrm Win32:Sys Patch[wrm] Virus/Gusano

[illahe]

I probably violated the first part of the advice I Paniced. The system is a e-machine running Windows XP and avast Home 4.8 VPS 090511f-0,05/11/2009 512 RAM connected thru a comcast cable modem and Lynksys Wireless Router (disconnected at this time) Norton (Uninstalled now) Unable to do a system restore but after scanning with MBAM and avast I got it working with difficulty. The avast comes up with a flag as above and shows only one file infected but after leaving the system on ,the system boots but freezes after. I did a system restore in save mode and it came back to the previus condition. I have done a cleaning with avast cleaner but in so doing I lost all my restore points which I couldn't get anyway. I am tempted to reload windows since I havn't been able to get rid of the nasty thing.

[Lisandro]

If you can boot/logon, etc., I suggest the general cleaning procedure:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

[illahe]

Thank You I'll give a shot'

Illahe

[Lisandro]

Thank You I'll give a shot'

Illahe

You're welcome. Feel free to come back any time you need help or just to change experiences