I have recently recieved a laptop from my mothers friend who doesnt know jack about computers. It runs windows 2000 prof. My mom said that her friend thinks its infected with a virus. It was running Norton 2002 when I got it, so I uninstalled that and installed Norton 2003. Now my problem is that after installation Auto Protect wasnt enabled. When I go to Enable it it closes. Then I restarted it and it told me that a virus was trying to edit the Anti virus settings in the registry. When I open Noroton it closes on its own sometimes too. Also msconfig doesnt work for some reason. She thinks its the Bugbear virus. I ran some W32 bugbear removal program but it said "No Virus Detected". Well this is where I am at.

Any Suggestions? Any web sites u guys might know of that I can do a scan or some kind of countermeasures. Would appreciate any comments as long as there to the point, plz no replys about reinstalling. Ive done the basics. Thanx

Online Virus Scan:

http://housecall.antivirus.com/housecall/start_corp.asp

Online Trojan Scanner:

http://www.trojanscan.com/

RogueSpy basiccly covered it ...here are some more scans you can do to be sure :) ...

Virus Scan

http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym?venid=sym&langid=us
http://www.hauri.net/html/onlineservice/livecall.html
http://www.ravantivirus.com/scan/
http://www.mcafee.com/myapps/vso/default.asp

Vulnerabilitie

https://grc.com/x/ne.dll?bh0bkyd2
http://scan.sygatetech.com/
http://www.sdesign.com/securitytest/index.html port scan

more misc scanners

http://www.shebeen.com/onlinescanners.htm

The original w32 bugbear virus came out last fall, I believe, but the new variant is bugbear.b which I had the unpleasant opportunity to remove from my mom's computer. If you tried to remove bugbear.b with a fix for the original, then it wont work (I tried it). The thing that did work for me (after scanning with symantec's online scanner) was a program symantec had a link to called stinger.exe. It scans for and repairs about 15 different viruses including bugbear and bugbear.b, so if nothing else works, that could be worth a try. Anyway, good luck.

I also had a problem with a friend who had bugbear.b - a 4 year old system, no AV scanner, no Windows updates etc. :rolleyes:
Really badly screwed! Stinger worked for me, and I then put her system back together.

Stinger is at stinger (http://vil.nai.com/vil/stinger) (McAfee link).

Remember that Bugbear is one of a group of virii that disable your AV, disable msconfig, regedit, Ctl-Alt-Del, firewall.. etc
ALWAYS follow the removal instructions.. In most cases the individual removal tools work 100%.. When they don't it is because it is for the wrong varient or wrong virus..

virus was trying to edit the Anti virus settings in the registry the defs in NAV2003's install are about 10months old.. pre most of the nasties we see today..
be aware that since 2003 was released, the following have turned up on the scene bugbear, bugbear.b, Yaha.c-whatever, sobig and more, all that will do act the way you mention.. some will give you a veryhard time installing AV's on some os's..
Also DID the installation restart the computer near completion of AV Install? what happened here..btw most of the bugs mentioned won't let you install the av anyhow..

Ahhh hell..STOP Right there Unless you have added it in.. Bloody Win2k don't have MSCONFIG.. so no wonder that don't work!!

Just what was wrong with it for the ppl to think it had a virus?.. it could have had a bloated startup! ie to much shit runniig in the background.. causing slugish operation
or a damaged driver causing the machine to run in a slugish manner..
Or it could have a hardware problem..causing slugish operation or random crashes

cheers

sorry bout the last post, a friend of mine was on my computer and posted because Im set to auto log in. I wouldnt have known only i got negged bad for it so i wanted to apologize. Im deleting the post now.

Propaganda,

how did you get on?.. was it a virus.. or was it some thing else? Or are you still fighting?

Please let us know.. we are all learning and appreciate living examples..


Cheers

lol undertaker

Thanx for telling me that WIn2000 doesnt have msconfig, I didnt know.

She got it via E-mail, which enlightens my theory, IF YOU DONT KNOW WHO SENT THE MAIL OR WHY IT WAS SENT DONT OPEN IT.

UPDATE: Well I visited NAV's web site and did their online scan and it found 15 related viruses and 3 unkown. Think im in the clear now.............for now.

Big thanx

Actually thereis no native msconfig for win 2k but it can be placed there or another program can be used to access the same menu. Link is here msconfig for win 2k (http://www.techadvice.com/win2000/m/msconfig_w2k.htm)

Thanks for the update Propaganda, glad to hear it worked out..
out of curiosity what did the scann find?

IF YOU DONT KNOW WHO SENT THE MAIL OR WHY IT WAS SENT DONT OPEN IT.

In our work setup, we have the message recieve rules set to leave only the remaining spam and unknown source messages in the inbox.. But very strict rules/policy on the opening of emails from ppl we do know.. (btw the AV scanns the incoming mail but CA/VET is crap in this area.. ) the mails are read as text.... pity about the pretty HTML.. to bad to sad..
System hasn't been infected by mail in over 3yrs, but this proceedure has stopped many (did I say that CA/Vet has a crap email scanning engine)
Mind you it is best to assume that even the best AV prog has a crap email scanning engine..


cheer