Major virus trouble.

[Oifish]

Alright, here is goes. I just moved up to Ball State a couple of days ago, and my PC was fine, but yesterday everything was acting realllll slow and then it just shut off. Now it takes forever to get into windows or to do anything in win. And the most recent thing is that now when I turn it on, and it gets to the windows loading screen it just restarts. I am really hoping I don't have to reformat. Is there any type of virus scan that runs in DOS that I can run. I tried that AVG DOS scan but that didn't find anything.

PS I'm pretty sure it's that new WORM virus that is out if that helps any.

 

[mechBgon]

1) what Service Pack you got on your WinXP Pro? (eg SP2 or whatever)

2) what software firewall, if any, do you use?

3) what hardware firewall, if any, do you use? (a router, for example)

4) what antivirus software do you use normally?

5) will the system start in Safe Mode and stay running?

 

[Oifish]

I've got SP2, I was using Kerio Personal Firewall, no hardware firewall, I was using Symantic Anti-virus, and AVG, and the system freezes when loading safe mode.

 

[mechBgon]

Combining two resident antivirus products (Symantec and AVG) is likely to cause problems or slowdowns right there. You might have to try what Microsoft calls an in-place upgrade. It should preserve your programs and files while getting WinXP reinstalled.

Be aware that this takes your WinXP install back down to whatever patch level is native to your WinXP CD, maybe SP0 or SP1? so you would then be vulnerable to stuff that SP2 is immune to. Make sure you're unplugged from the network before you proceed, and once you're done (assuming it worked), uninstall one of the two antivirus products, ensure that Kerio is still providing firewall protection, install SP2 offline if possible, and lastly follow the routine I mention here for a "second opinion" on the virus aspect.

 

[mechBgon]

Also, since it sounds like you're at school, can I suggest you invest in a cheap non-wireless router, my favorite recommendation is the Netgear RP614: router setup/lockdown stuff. Let's see the worms try to infect that puppy :evil:

 

[Oifish]

I got XP from Ball State so it's native service pack is SP2. And I'd try to do what mechBgon said, but I cant get into windows at all.

 

[mechBgon]

Look at the Microsoft link, you do not need to get into Windows. You put in your WinXP CD-ROM disc and boot from it, then do a complete repair-installation of WinXP using the CD-ROM.

Another possibility is to remove your system's hard drive, slave it into another system, and scan it for viruses there. Use the McAfee scanner that I suggested in my second link above. While you're at it, back up any data files you can't live without, in case you really do have to reformat.

If it were me, and I suspected a successful worm infection, I would certainly be planning a full reformat and reinstall using best practices along the way, including router protection to keep the worms off.

 

[Oifish]

Well, I hate to say this but they dont want us using routers in the dorms because they slow down the rest of the network or something like that.

 

[Oifish]

Another possibility is to remove your system's hard drive, slave it into another system, and scan it for viruses there. Use the McAfee scanner that I suggested in my second link above. While you're at it, back up any data files you can't live without, in case you really do have to reformat.

I was thinking about that but wouldn't the worm infect the computer I'm hooking the HD to?

 

[mechBgon]

Originally posted by: Oifish
Well, I hate to say this but they dont want us using routers in the dorms because they slow down the rest of the network or something like that.

That's a new one

I was thinking about that but wouldn't the worm infect the computer I'm hooking the HD to?

If the system boots from its usual HDD and does not attempt to boot from yours, then it should be fine. The other system isn't going to dive in and try to run all the executables on your hard drive or something, they're just sitting there.

 

[Oifish]

I tried the McAfee thing, but the dialog box just open for a second then closes. Am I missing a file from the download?

 

[mechBgon]

1) Did you unzip it as directed and then run the command-line scanner using all the funky switches I mention in the text file?

2) Are you using an Administrator-class account? (yes = good, for this purpose)

3) What does the output in C:\Report.html say?

 

[Oifish]

I got the scan to work it was missing names.dat, and after I ran the scan it may be fixed. I'll keep you updated on what happens. Thank for all your help guys.

 

[Oifish]

There is another problem now, but I dont know if it is from the virus. When the computer is at the windows loading screen it sometimes just shuts off. And also the screen is ,like, wiggling. If this is for another forum just tell me, or if you can offer any help. Thanks.

 

[mechBgon]

That sounds like a hardware problem. Maybe your K7S5A is getting ready to move on to The Great ATX Case In The Sky like mine did. Sudden power-downs could also point to a PSU problem... what brand & model of PSU is running the show there?

 

[Oifish]

Well, I don't know if the type of the PSU matters anymore, because it now turns on for less than a second and then shuts off. The old PSU is 300W, should I get one that is 400W or above?

 

[mechBgon]

Here's one you might consider: http://www.newegg.com/Product/Product.asp?Item=N82E16817104953

 

[jbritt1234]

Since your move, have you tried opening the case and making sure EVERYTHING is seated firmly? Be sure the Memory, video card, power plugs etc are all firm. Un-plug them and plug them back in.

It does sound like a psu problem though. Also, that new Worm, rbotz, only effects Win2k and a VERY FEW cases of XP SP1.

 

[Oifish]

Ok I'll take everything out and put it back in. I'll let you all know what happens after that.

 

[birdpup]

Originally posted by: mechBgon

Originally posted by: Oifish

Originally posted by: mechBgon

Another possibility is to remove your system's hard drive, slave it into another system, and scan it for viruses there. Use the McAfee scanner that I suggested in my second link above. While you're at it, back up any data files you can't live without, in case you really do have to reformat.

I was thinking about that but wouldn't the worm infect the computer I'm hooking the HD to?

If the system boots from its usual HDD and does not attempt to boot from yours, then it should be fine. The other system isn't going to dive in and try to run all the executables on your hard drive or something, they're just sitting there.

I tried this once before and at least one virus must copy itself to the partition table somehow because this did happen to me. A friend's system caught a virus and he had two hard drives. I took out his master drive with his system files, attached it to my good system as a slave, and transferred the virus from his drive to my good, master, system drive. Right after bios POST, the virus transferred itself over to my system and wiped out everything. My system did not have the opportunity to boot and start its own McAfee Anti-Virus program.

Eventually, I restored my system and his, put his system drive back into his system, and the virus from his slave drive copied itself over onto his new system drive that I had spent at least a week working on and wiped out everything again. This friend did not believe I had even fixed anything because the system did not have an opportunity to even boot up.

It happens. I highly recommend not to put a drive with a virus into a good system.


You can read Power Supply 101 for more information on power supplies.

EDIT: grammar and sentence completion for clarity