horrible virus
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: horrible virus

  1. #1
    Banned
    Join Date
    Jun 2004
    Posts
    154

    horrible virus

    This was just about the only place i found to put this. I am running Windows XP and recently found out that i had a virus. I just installed Nortons Internet security and antivirus 2005 about 3 days before i got the virus. When i started my computer up everything was workin normally untill the little nortons box came up saying that a virus has been found and deleted. When i hit ok another box popped up with the same message, the only thing different was that the file name was changed from something like
    Code:
    C:\Windows\temp\tmpa1.tmp
    to
    C:\Windows\temp\tmpa2.tmp
    This box would just keep coming up with a new file untill i finally just exited out of nortons. So i did what i thought would be smart and ran my Nortons antivirus which turned up about 3 viruses named something like XXXXX.trojan. I quarentined and deleted, but the deletion failed and now when i run the antivirus it takes about 5 hours and the same virus doesnt show up.

    This virus is a problem b/c my computer is running about 1/5 of its potential. When i hit ctrl-alt-del my CPU usage is finally down to about 0-7% but my PF Usage is about 1.8 Gigs and my little cpu light is always on and my computer is always making the "thinking" noise.

    What should i do?

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    safe mode scan.

  3. #3
    Banned
    Join Date
    Jun 2004
    Posts
    154
    how do i get into safe mode on XP is it same as 98 or 95

  4. #4
    Senior Member
    Join Date
    Dec 2004
    Posts
    320
    Listen to oofki. When windows starts up, press F8 a bunch of times. Then when it gives you the option, boot in 'safe mode'. Run your Norton then, it may or may not take a while, but it should be able to safely delete this virus. Then reboot your window machine and update it all the way later
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

  5. #5
    Banned
    Join Date
    Jun 2004
    Posts
    154
    ok ill try that thank you

  6. #6
    Banned
    Join Date
    Jul 2004
    Posts
    12
    hey safe mode not gonna work this time frnd bcoz they work in conditions like u have changed sytem settings due to which there is some graphics resolution problem or something like that... its jus like guest in linux without gui.
    but here the prob is something else .
    so i suggest first of all make all ur files read only..this way the virus can't infect that..
    then beeter try some registry cleaner bcoz wen virus come again n again they have a entry in registry attached to a process or at system boot..
    after that if u can do open any infected file in windows editor n compare two diff files..
    well out of junk u can see some .dll files written out there like msvmvb60.dll for troajan in visual basic every time they execute they require runtime binary..
    try remaining them if its not system critical process..
    well if even then if its not working then try on some windows xp support tools like "depends"
    it shows all the libraries required by a process to start try ,
    renaming or deleting any file out there ,which is not critical..,after which it will not be able to spread itself
    i think that's more than good..
    take care
    ashtified....

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Originally posted here by ashtified
    hey safe mode not gonna work this time frnd bcoz they work in conditions like u have changed sytem settings due to which there is some graphics resolution problem or something like that... its jus like guest in linux without gui.
    I didn't quite get that. Can you translate this into english?

    but here the prob is something else .
    so i suggest first of all make all ur files read only..this way the virus can't infect that..
    Ever tried to do that? Does your machine still work? Try making c:\windows read-only...

    then beeter try some registry cleaner bcoz wen virus come again n again they have a entry in registry attached to a process or at system boot..
    Close but no cigar. There are entries in the registry that make processes start at boot time.
    Your virusscanner will clean those too you know.


    after that if u can do open any infected file in windows editor n compare two diff files..
    Good point. But don't use an editor. You won't be able to make sense of it.

    well out of junk u can see some .dll files written out there like msvmvb60.dll for troajan in visual basic every time they execute they require runtime binary..
    What happens if the virus was written in C or plain old assembly?

    try remaining them if its not system critical process..
    well if even then if its not working then try on some windows xp support tools like "depends"
    it shows all the libraries required by a process to start try ,
    renaming or deleting any file out there ,which is not critical..,after which it will not be able to spread itself
    And how does one see which ones are critical and which aren't? Just rename, reboot and hope your system comes back up?

    i think that's more than good..
    I think you need to learn a lot more.

    I'm sure you mean well but this really doesn't help...
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    OK, my first comment is that this does not appear to be a "virus"............the Norton says "trojan" so that is probably what it is. It does not seem to behave like a virus either.

    Secondly, it is always good policy to run anti-malware scans in "safe mode"..............a lot of them will not have loaded, so the AV/AM tools can clean them thoroughly.

    You get into safe mode by rapidly tapping the F8 key on boot-up. Be patient, if you do not have to do this regularly, you may have to have several goes

    In XP you should go for the option "with network support", as this should let you update your anti-malware tools.

    ALSO: In Windows XP and ME you should disable system restore before you start scanning. Visit your AV suppliers site or Microsoft Support for instructions.

    Right,

    1. When your AV or whatever reports a detection, WRITE THE DETAILS DOWN, and check on their site. There may well be additional clean up and repair instructions there. It also allows us to find out how it works.

    2. Do not empty the quarantine until the problem is resolved. Your AV supplier may want to look at the file.............I certainly would.

    What seems to be happening here is that a load of scumware is running in the background, taking the resources. It could also be Norton itself running background scans.

    There certainly seems to be a bad guy trying to collect information..............it creates a temporary file and Norton deletes it, so it creates another one.................almost perpetual motion? ...........Norton vs. a bad guy in real time?..............that could easily take 80% of your resources.

    QUOTE:

    so i suggest first of all make all ur files read only..this way the virus can't infect that..

    Please IGNORE THAT TOTALLY....................the guy is obviously an IVPACE (International Virus Protection Agency Certified Engineer)..............if you are already infected, protecting things will only protect the infection and prevent the clean-up?


    Good luck!

  9. #9
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Posts
    3,171
    ashtified,

    Maybe english isn't your first language...if we knew where you came from I'm sure the guys that have mentioned your language problem would cut you some slack...because as it sits right now, without any background knowledge to base an opinion on, it just looks like you're talking as if you were in some chat room.

    Know where you're experience lies...I'll use myself as an example...I know that I know diddly-squat about computers, so I never present myself as such and maybe bugger up someone's computer...I provide links...and that's about as far as I go about giving computer related advice...if you don't really know what you're talking about, then leave it to people who do...there are other ways to help without causing someone more headaches by giving bad advice.

    Just a suggestion.

    Eg

  10. #10
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    If it's identified as a trojan by Norton, you might want to try a trojan remover. That's what they're for and stuff...

    http://www.agnitum.com/products/tauscan/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •