-
January 13th, 2002, 08:30 AM
#11
Junior Member
thank fro the advise IchNiSan
Yes I haev TWO zip programs installed on my computer
Winzip 8.0 and powerdesk Pro
however I think I found the darn problem..
I went to the housecall web site to scan ONCE again froa virus
( I have norton anti virus 2000 installed on my computer and it found NOTHING)
Do you know PC Cilin found one of the most OLDEST virus I have ever read about and is seldomly found..
TRACERST.exe wich is a virus that attacks the Physical hard disk partition table, then moves on to destroy all executable and sytem files until all is wiped out.
for some you can even format your hard drive,but when re installing, the virus is still somehow there ( Don't know how)
Each time I use a Norton product it never works... ( why??)
Now for the hard part....
I cannot clean the danr partition table if it is in USE...
how do I get into my partition table without running the drive?
I know how to DELETE the partition table in DOC by running fdisk.
but to CLEAN it for infected virus??
thank for all your help everyone... I just lose all I got and hope to get things back I guess....
*TRACERST*
Virus type: Boot
Description:
This is a memory resident Boot virus. It is detected by the latest pattern file.
Solution:
Trend customers
Keep your pattern file and scan engine updated. Trend Micro antivirus software can clean or remove most types of viruses. Certain viruses, such as Trojans, scripts, overwriting viruses and joke programs which are identified as "uncleanable", should simply be deleted.
-
January 14th, 2002, 02:04 AM
#12
The FAT has always 2 versions, therefor if the virus only corrupts 1 you can recover from the other.
How to restore (several options):
- You can try to edit the HDD yourself with a hexadecimal editor, concentrate on the first sector of your HDD (very dangerous and not easy at all)
- You can use some tool like Norton Disk Doctor which will restore the FAT (unless the virus does not report to Norton as an error in the FAT)
- Disconnect your boot HDD (C:\) (if the virus is not at that disk) and start with a bootable DDO disk and the D:\ HDD connected. Install the DDO software from the DDO boot disk. Choose to rewrite the MBR and Boot sector on the HDD. The DDO (Dynamic Drive Overlay) will rewrite the MBR and Boot sector with his own startup files, so if you are lucky it destroys the virus accidently. Then remove the DDO and put your computer back together.
- Do a low-format (not recommended)
-
January 14th, 2002, 02:35 AM
#13
Hey another method is by cleaning the corresponding sectors on that disk. (you will lose the virus and your info)
Antihaxor has written the code to do that in the following post:
http://www.antionline.com/showthread...hreadid=140085
Be carefull: make sure you don't use it on the wrong HDD
-
January 14th, 2002, 03:13 AM
#14
Member
Hate To Make Your Day, Old Boy, BUT...
I am afraid, speaking from personal experience, you have no other choice but to do a complete low level format, zero fill your drive, and then a second low level format... sorry... and THEN a complete re-install of the OS and all favorite appz. There is no sense wasting any more time and aggravation on such a fiasco.
-
January 14th, 2002, 04:03 AM
#15
Junior Member
Re: Hate To Make Your Day, Old Boy, BUT...
Originally posted by Kewl_Zero
I am afraid, speaking from personal experience, you have no other choice but to do a complete low level format, zero fill your drive, and then a second low level format... sorry... and THEN a complete re-install of the OS and all favorite appz. There is no sense wasting any more time and aggravation on such a fiasco.
VictorKaum : you are on the RIGHT trach and i have tried both methods on removeing the virus rom my boot sectors, partition table areas and BIO sectors???? ( there's three sectors I think)
Anyway I used AVG anti Virus Software.. Norton got Destroyed.
The virus name has now changed to -----> v-sign
this is a virus normally created from a bad floppy disk and then moves on to the boot sector and blablabla...
I had this virus before and forgot how i removed it but i had to use a special tool on Floopy Disk.. Floppy drive is not infected.
Both hard drives ARE though.. I formatted already but am here trying to still find ANYTHING on how to get rid of it...
I booted my system from a Bootable floppy disk.. Ran AVG virus detector.. AVG found NOTHING...
I then Rab Fdisk /MBR
then rebooted and got into windows.
AVG once again finds the darn virus...
Now what.....
I will now go try your method ONE MORE time Victor
This is CRAZYYYYYYYYYYYYY!!!!!!!!!!
-
January 14th, 2002, 05:04 AM
#16
Boot Sector Virus...
Well I did not think of a Boot Sector Virus...
The truth comes out
and I have a Brain FART!!!
Be aware you may have the virus on your orginal boot disk
and you will have to make a clean boot disk....
so Boot from the CD!
I went round robin about 2 years ago with a customers computer
that infected several of my 3.5 inch boot disks.
What a PAIN!!!
Good Luck!
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
-
January 15th, 2002, 06:28 AM
#17
Junior Member
Yep I see that..
the darn Floppy.. in wich i also see is what gave me the darn virus and what had made trigger.
Was starting all over again with infected disk no#1 ..
( until it got to disk no# 64 again??? lol )
But all is sloved now..
I went to fsecure com
http://www.fsecure.com/support/avwor...nfection.shtml
and got a fix for it. Also while there I got a few extra virus tools..
It's a pretty GOOD web site with free fixes and patches.
I even grabbed a virus scanner for MSN Mesenger and a mIRC virus scanning prog
( works good so far .. cept for zone alamr going off over & over form me scanning users for virus when they enter the channel...LOL
Man I don't want to go through this ever again
Cory is going to buy him a a CD writer and burner this weekend
-
January 19th, 2002, 07:56 PM
#18
If you have a boot sector virus,
it will be ot the C drive because you
boot from C drive.
If it is on D, it won.t necessarily become
memory resident when you boot.
Your absolutely first step is to boot
from known clean media to prevent
it from loading into memory, ie known
good floppy or, better yet, bootable cdrom
antivirus software.
After you're sure the virus issue is solved,
make sure to scandisk the D drive, make sure
its parameters in bios are correct, (some innacurate settings
may cause subtle problems), and be suspicious
of drive cables.
I came in to the world with nothing. I still have most of it.
-
January 19th, 2002, 09:08 PM
#19
Now what.....
I will now go try your method ONE MORE time Victor
This is CRAZYYYYYYYYYYYYY!!!!!!!!!!
Corynthus, you had some complaints about the methods I suggested?
Well I thought you had a clean floppy disk to boot from, off course when your FDD's are infected too, you will be stuck again with the virus...
So good advice keep one bootabel FDD made on a clean system and make it write protected. Or like said before by others, burn a bootable CD (from a clean system).
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|