Tag Archives: trojan

Can you get infected with a virus while using a Live CD Linux OS?

Right now I’m using a Windows XP OS. If I boot from a Live CD version of Linux (let’s say Ubuntu) and I get a file infected with a trojan, will the trojan still harm my Windows operating system while I’m using a Live CD version of Linux?

How to Cure a Windows Virus with Ubuntu Linux

Check out my new Linux channel: bit.ly Do you suspect your Windows machine is infected? Before dropping cash on anti-virus software, check out this quick tutorial that will help get rid of the spyware and viruses in your PC. It’s easier than you think: www.linuxhaxor.net Maybe you can’t even boot into your operating system because your rig is so bogged down. Have no more fear, Nixie is here! Please rate, comment and subscribe... magical things will happen! 8-)

Virtuamonde – Infection appears gone but not dead?

I accidentally browsed to an infected site last week, and I got infected with a virus/trojan called Virtuamonde.

I ran SpyBot S&D, MBAM, and McAfee, and though SpyBot S&D was able to pinpoint the problem it could only remove the Registry entries, but could not remove the files (as they were in use). I used a Linux live CD to boot the machine and manually remove the infected files. It appears that Virtuamonde creates randomly-named DLLs in the C:\WINDOWS\System32 folder, which comprise the main part of the trojan. I removed all of the infected files as well as all related Registry entries, and none of my anti-virus/anti-spyware programs show any remaining infection. However, every hour, RUNDLL32.EXE is activated out of the blue. I used Process Explorer (http://www.sysinternals.com/) to determine that the command used to launch the process is:

C:\WINDOWS\system32\rundll32.exe "C:\WINDOWS\system32\urqRHxUk.dll",ShellPath

The file urqRHxUk.dll just happens to be one of the randomly-named DLLs that Virtuamonde installed (and that I subsequently deleted), so I believe this hourly process must be a result of the infection. However, I have already removed urqRHxUk.dll (it no longer exists anywhere on my machine). I have also searched the entire Registry for any references to urqRHxUk.dll, but to no avail. I have noticed that this process often appears as a child process of SVCHOST.EXE, which is a service that is launched with the following command line:

C:\WINDOWS\system32\svchost.exe -k netsvcs

This hourly instance of RUNDLL32.EXE seems to have no side effects (probably since the referenced DLL is deleted) but it bugs me that a process is spawning every hour and I can’t do anything about it. As I said before, I have searched the entire Registry for any related entries, but no luck.

Any help would be greatly appreciated.
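
An added example, not part of the original post: since the Registry search described above found nothing, this Python script (meant to be run from the same kind of Linux live CD) searches every file on the mounted Windows volume for the DLL name in both ASCII and UTF-16LE, the encoding Windows uses inside many binary files such as Task Scheduler .job files. The function names, the mount point and the sample At1.job file are assumptions constructed for illustration.

```python
import os
import tempfile

CHUNK = 1 << 20  # read 1 MiB at a time so large files (hives, logs) are fine


def needle_variants(name):
    """Byte patterns for the name as ASCII and as UTF-16LE, lower-cased."""
    low = name.lower()
    return {"ascii": low.encode("ascii"), "utf-16le": low.encode("utf-16-le")}


def file_hits(path, variants):
    """Return the sorted encodings in which the name occurs in one file."""
    found, tail = set(), b""
    keep = max(len(p) for p in variants.values()) - 1
    with open(path, "rb") as fh:
        while chunk := fh.read(CHUNK):
            # Windows names are case-insensitive; bytes.lower() changes only
            # ASCII letters, so it is safe for the UTF-16LE form as well.
            window = tail + chunk.lower()
            found.update(enc for enc, pat in variants.items() if pat in window)
            tail = window[-keep:]  # carry over so a split match is not missed
    return sorted(found)


def scan_tree(root, name):
    """Walk root (the mounted Windows volume) and map path -> encodings."""
    variants, hits = needle_variants(name), {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            try:
                enc = file_hits(full, variants)
            except OSError:
                continue  # unreadable file on the mounted volume: skip it
            if enc:
                hits[os.path.relpath(full, root)] = enc
    return hits


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:  # constructed sample volume
        os.makedirs(os.path.join(root, "WINDOWS", "Tasks"))
        job = os.path.join(root, "WINDOWS", "Tasks", "At1.job")  # constructed
        with open(job, "wb") as f:
            f.write(b"\x00\x01" + "C:\\WINDOWS\\system32\\URQRHXUK.DLL".encode("utf-16-le"))
        print(scan_tree(root, "urqRHxUk.dll"))
```

Against a real volume, call scan_tree("/mnt/windows", "urqRHxUk.dll"), where /mnt/windows stands for wherever the live CD mounted the Windows partition.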
