Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Got bitten by "UPS Paket"...to remove or clean install?

Status
Not open for further replies.
wahnula

wahnula

Technical User
Jun 26, 2005
4,158
US
Howdy,

You know that post I made today about the new virus/malware/trojan that comes in an email about "UPS Paket"? Well, even though I have a gateway A/V and local A/V it looks like that 1-1/2 seconds of clicking on the executable got me infected. I haven't had a virus since the Sircam virus in the late 90's...I THOUGHT I was protected.

When I logged off & back on, Norton came up with virus warning that it found a Trojan that it could not remove, some Trojan I can't recall right now. After I dismissed that, my wallpaper was gone and XPAntivirus2008 came up and told me I had 1000+ infections, obviously part of the payload. I immediately disabled System Restore, took the machine off the network, started running an A/V scan in Safe Mode then left to go home.

My question is: Should I invest time in removing this critter and will my system ever be the same? I just did a clean install a few months ago and the whole process of reinstall & reconfigure takes about 2-1/2 hours. I'd imagine the removal will take less time, but will my system ever be the same? I plan on following all the steps to properly remove it but I'm worried it will leave traces behind that I'll never find, and I'm a perfectionist and don't want any clutter on my system.

What would you do?

Tony

Users helping Users...
 
Sort by date Sort by votes
If it only takes you 2ish hours to do a re-install then I would take that option. It recently took me many more hours with tools like Stopzilla, spyware doctor, Mcafee, and Hijack This to rid my home PC of all the rubbish nthat came down with XPAntivirus2008, and still don't know how I got the infection. I do feel confident that all the stuff has gone though.
 
Upvote 0 Downvote
I've got XP SP1 CDs and XP3 on flash key, as well as all my apps on flash key and CD. I've recently reloaded all the PCs in my office, that's where I got the 2.5 hour figure. We store all our files & emails on Network Shares, the only difficult time is re-activation of XP and Office 2003 over the phone.

I don't know why I posted this, maybe to ask if my PC would really be OK once XPAV2008 was gone, but I know myself, and I'd never stand to have a less-than-pristine system. I will dispense of this bugger with extreme prejudice!

Tony

Users helping Users...
 
Upvote 0 Downvote
XPAntivirus2008 is removable without burning your box to the ground and re-installing. I recently had one of our users become infected and was able to clear it up with a good dose of Symantec Endpoint Protection. The sad part is we were upgrading all of our pc's and I had not gotten to this particular one.

There is plenty of info out there to about removing XPAntivirus2008 manualy as well.

check here for manual instructions:

Twist

===========================================
Everything will be OK in the end.
If it's not OK, then it's not the end
 
Upvote 0 Downvote
In my experience XP Antivirus 2008 is removable without a huge effort, provided you catch it quickly enough. If the user keeps running the computer for several days, then the problems appear to multiply with each new day that dawns! I suspect this new UPS Paket may fall into the same category...

So, Tony, I'd say you probably have a good chance to clean up without a major effort since you switched off quickly.

ROGER - G0AOZ.
 
Upvote 0 Downvote
Thanks guys, my reading led to the same conclusions...but this PC is on a shared-folder network, easy deal to nuke & re-do, just save favorites and that's it. I've been at it for about 2 hours and it seems to be done...all this while installing our new network printer as well.

What bothered me was NOT the XPAntivirus2008 alone, it was whatever came along with it, trojans, backdoors, etc. that have yet to be documented. This thing hit the wild on the 13th.

Also, you have to know me...this is my PERSONAL computer and I don't want ANY compromises. If it was a user, well then we would have learned all about removal and whatever else followed, but not my PC!

Sort of like a variation of NIMBY, NOMPC!!!

Tony

Users helping Users...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Olumighty
  • Locked
  • Question
BIOS PASSWORD WIPE OR CLEAR ON COMPUTER LAPTOP 1
Replies
1
Views
177
SamBones
SamBones
javierdlm001
  • Locked
  • Question
"Win32.Downloader.gen" found as Malware by Spybot
Replies
3
Views
164
2ffat
2ffat
2ffat
  • Locked
  • News
C-Ware Bundled on "ALL" Freeware Sites
Replies
6
Views
181
xit
xit
2ffat
  • Locked
  • News
CNET/Download.com have cleaned up their act! 4
Replies
5
Views
171
kjv1611
kjv1611
lvis001
  • Locked
  • Question
Cannot remove "pup.bprotector" 1
Replies
6
Views
181
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top