doomed?

hello all!

it's been quite a while since my last post in this forum, and i'm mighty glad this online discission board is still up!

recently, my laptop (using XP) experienced malfunction in that the keyboard is non working totally (i.e., none of the keys work).

after full virus scanning with avg 6.0, two viruses and infected files were detected:

C:\windows\system32\realupd32.exe (infected by: Trojanhorse Pmxy.2.B)

C:\windows\system32\real32.exe (infected by: I-Worm Bagle. M)


I would appreciate it very much if anyone could tell me how I could repair these two critical files. Are my keys not working due to at least one of them?

What would be the precautions i should take to prevent future occurences?

Are spywares also responsible?


Toastmaster

 

One of the options with a good AV program (and I have not run yours so don't know) should for it to try and clean the file. Did you try that? If so and if they couldn't be cleaned, your only choice is to get rid of them and replace with clean copies.

I'm curious though - exactly what app do the realupd32.exe and real32.exe belong to? Realupd.exe is a standard payload file for at least one trojan. Real.exe is a real player file. I don't find much information about the two files you mention though.

Precautions - keep your AV def file as up to date as possible. If they aren't current, they are next to useless.

Spyware can certainly cause problems. Ad-aware and Spybot (links in my sig) are a good pair to run regularly (again, with current updates) to keep that trash cleaned off your system.

 

critical files

Newt,

Hello! Good to hear from you.

I originally had 6 infected files cleaned; after which only two remained unable to be quarantined from the said viruses because they are "critical files" (from my layman's understanding) such that if they be deleted, my PC system would not work further.

I say further since right now, my entire dang keyboard is not functioning, not even one key!

I wrote AVG only to get a disappointing reply that they assist online only those using non-free anti-virus programs (mine is the free AVG 6.0).

Should I use a rescue disk and go to DOS to clean the 2 files? Thanks for any further advice...I really appreciate it.


Toast

 

what application?

Newt,

To your question what application those files belong, I think they are system 32 windows apps. Sorry if I'm not a techie.


Toast

 

Info for realupd32.exe

Info on I-Worm Bagle. M

 

If I had a laptop, and was using it, here and there, I would have a more strict security policy than I do now, on my desktop. I would definitely invest in some reputable third party Internet Security software- do a search on the Board, there are many kinds for different users- and I would be sure to be running a strong firewall. The built in XP firewall, as it is now (changes are being hinted at), IMO, is not sufficient protection.

JMO,
Johanna

 

latest updates

Noah, mighty glad of your reference pages...thanks for the info. The strange things happened today, after I updated my Win XP through the microsoft website, I ran the AVG 6.0 again. This time, it caught and removed the 2 buggars! (Thus, I'm implying that had I not updated with mostly security patches, I might not have cleaned the infected files...but correct me if my conclusion is wrong.).

Johanna, I couldn't agree with you more about the laptop...mine is a Dell bought from NY and I love it very much! It's my first, and I'm so grateful to my brother for his nice gift! If the built-in firewall of the XP is that vulnerable, than what would you suggest I do?

Also, please comment whether or not the Yahoo Msgr is another cause for these "unwanted intruders ".

Finally, my laptop's keyboard is still totally non-functional. What now, please?


Toast

 

There are several firewall programs listed in a pinned thread at the top of secuity forum, 'Welcome to S/V/S'. I have seen a lot of recommendations for Kerio but have not used it. eTrust has a free for a year offer on their Firewall\Antivirus program, dubbed EZ Armor, which is what I use, and recommend. Link is in another pinned thread entitled 'Shield your PC......'

Have you checked your keyboard options in the control panel? What model is your Dell?

 

noah,


from what you and johanna are implying, the xp firewall is not that effective, huh?

my dell is the PP01S (Pentium 3). It came originally with a Win Professional 2000 before we upgraded it to XP. I've tried troubleshooting the keyboard from the Settings, but the system tells it is working properly.


Toast

 

The XP firewall is one way (incoming only) and in my opinion, cannot be depended upon to adequately protect a computer as it is now. MS has promised some changes to it, but as it is now, it is not sufficient internet protection. JMO, of course.

Johanna

A WAG here- have you tried to get your keyboard's drivers online yet? Might be a simple fix...

 

johanna, how do i put my keyboard driver online?

 

If you are virus-free at this point (and I suggest an online scan with RAV [in my signature] or another good online AV app to confirm) then your keyboard problem may be a left over gift from one of the critters you had.

Try booting up in safe mode and see if your keyboard works. If it does, try booting to normal mode and make sure all is still well.

If no better in safe mode or when you get back to normal mode, try putting your XP install CD in the drive and then
start~run~sfc /scannow (and note the space between sfc and /).
If the system file checker finds damaged or missing system files it will replace them although you won't see any indication that much of anything is happening.

 

Toast

I meant obtain your keyboard driver from the manufacturer's website. You mentioned you had access to another computer. Perhaps you could download the driver(s), put them on a floppy and restore your keyboard.

Newt's suggestion is a good one, as well. SFC might do the trick. You do have your XP cd, don't you?

Johanna

 

nada

i tried each instruction you guys told me, thanks! However, my keyboard ( and now mouse) is still down...what now?

Off to a techie?


Toast

 

What kind of cds do you have with this laptop? Were you able to run sfc before all the input devices quit? Can you get it into safe mode? Or BIOS?

Depending on the answers to those questions, you might want to start a thread in hardware.

Johanna

 

What kind of cds do you have with this laptop?

...I don't understand what you exactly mean here, please clarify, Johanna.


Were you able to run sfc before all the input devices quit?

...sfc means?


Can you get it into safe mode? Or BIOS?

...I'm afraid neither one I can get into.


Depending on the answers to those questions, you might want to start a thread in hardware.

Johanna


...Well, I appreciate the advice, let me analyze the case further here first.


__________________

 

toastmaster - she wondered if you had a regular XP install CD.

start~run~sfc /scannow runs the System File Checker (SFC) which checks system files and if it finds any missing or bad, pulls a replacement from the XP CD but if you don't have one (only a repair CD or some other concoction from the vendor) it doesn't help.

If you do happen to have a regular install CD and can boot the system with a working mouse, you can still run the command even though you can't kbd the /scannow switch in.

Just get to another PC and create a batch file - name it sfc.bat maybe - and put the file on a floppy. Then copy the file to your hard drive and with the XP CD in the drive, run the sfc.bat file. Contents as follows:

c:\windows\system32\sfc.exe /scannow

So if you copied the bat file to c:\ then
start~run~c:\sfc.bat

 

toastmaster - she wondered if you had a regular XP install CD.

...Yes, I have a regular CD installed. Thanks for the clarification.

...I think I will try your instruction sbelow, and use an external keyboard.

...Thanks, guys! I will update you asap


Toast


start~run~sfc /scannow runs the System File Checker (SFC) which checks system files and if it finds any missing or bad, pulls a replacement from the XP CD but if you don't have one (only a repair CD or some other concoction from the vendor) it doesn't help.

If you do happen to have a regular install CD and can boot the system with a working mouse, you can still run the command even though you can't kbd the /scannow switch in.

Just get to another PC and create a batch file - name it sfc.bat maybe - and put the file on a floppy. Then copy the file to your hard drive and with the XP CD in the drive, run the sfc.bat file. Contents as follows:

c:\windows\system32\sfc.exe /scannow

So if you copied the bat file to c:\ then
start~run~c:\sfc.bat