HELP! - One of the trickiest viruses ever...?

Discussion in 'Computers' started by Dick, Oct 5, 2006.

  1. Dick

    Dick Producer
    Supporter

    Joined:
    May 22, 1999
    Messages:
    6,000
    Likes Received:
    2,001
    Location:
    Maine
    Real Name:
    Rick
    Here's the scoop: I re-formated my hard drive recently because things were becoming very sluggish. Since then, I have run into a very interesting situation. I got a call from my server saying they'd received complaints that I was uploading a virus into their computers... yet, I have only emailed a few persons and those were not the ones who complained, so my computer seems to be automatically doing this to people I don't even contact(!). Further, when I try to download (or even access) an anti-spyware or anti-virus program, upon Googling any name containing "Norton" or "Spybot" or "Anti-Virus" the Google screen immediately disappears. This virus WILL NOT LET ME DOWNLOAD A PROGRAM TO KILL IT... very insidious and clever. I do not know if purchasing Norton and trying to install it will even work. Any suggestions?

    HELP!!!
     
  2. Rommel_L

    Rommel_L Second Unit

    Joined:
    Apr 25, 2000
    Messages:
    355
    Likes Received:
    0
  3. Jason Harbaugh

    Jason Harbaugh Cinematographer

    Joined:
    Jul 30, 2001
    Messages:
    2,968
    Likes Received:
    0
    Have you looked it up on a different computer to find the way to kill it? It sounds like it is one of those that purposely tries to prevent you from getting rid of it, so that makes research on that pc kinda useless and I doubt it will even let you install the applications if you got them from another computer.

    Have you figured out the name of it? You can do a ctrl/alt/del and look at your processes. If it is running, it should show up there. It might be masking as another process as well, so check for duplicates like two iexplorer.exe running.
     
  4. Al.Anderson

    Al.Anderson Cinematographer

    Joined:
    Jul 2, 2002
    Messages:
    2,579
    Likes Received:
    78
    Real Name:
    Al
    My guess is the virus is in the Master Boot Record (MBR). If memory serves, you have to take an additional step when reformating a disk to also reformat the MBR. If you aren't in a hurry give that a try. Otherwise, go here: http://forums.spywareinfo.com/.

    You should also download HijackThis on another computer and load it from a write protected CD/Floppy.
     
  5. Rommel_L

    Rommel_L Second Unit

    Joined:
    Apr 25, 2000
    Messages:
    355
    Likes Received:
    0
    Still waiting on the HiJackThis logfile...
     
  6. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    Better yet, download the Ultimate Boot CD, fire it up, get the latest virus scanner upgrades to the scanner(s) it has and clean your PC from that CD.

    Not the Ultimate Boot CD for Windows, since you have to add Windows files to it when you create it, you'd possibly wind up with an infected CD - but the Linux based ultimate boot cd in iso form should be burnable and not become infected.

    You should probably have a software firewall downloaded onto a CD (get one from a friends computer that isn't infected) and then reinstall your OS again, while disconnected from the Internet! Then put in that firewall cd (zonealarm for instance) and install that BEFORE connecting to the Internet. That way direct attacks will be harder even though XP is vulnerable out of the box to all kinds of directed assaults.

    Then go directly to Windows Update and download every security patch in sight before installing an anti-virus scanner... [​IMG]
     
  7. Gregg Loewen

    Gregg Loewen Video Standards Instructor, THX Ltd.
    Insider

    Joined:
    Nov 9, 1999
    Messages:
    6,373
    Likes Received:
    32
    Location:
    New England
    Real Name:
    Gregg Loewen
    wow.
    I guess Ive been lucky.
    Good luck on finding a fix.
    Gregg
     

Share This Page