Virus emergency

Client has had multiple virus issues dealing with a disgruntled ex-lover.

Computer was wiped, BIOS was overwritten, and everything but the hard drive was replaced.

After installing service pack 2, the login window using classic mode looks strange.

-The "log onto windows" title bar is about half as high as it should be and the text is very small. The rest of the dialog sizes are normal
-The dialog box itself is a dark shade of grey, much darker than the default color XP uses for the classic login prompt?

Any ideas?

All the hardware has been tested and is in fine working order. We do not have tools that can scan hardware for virus-like activity though 🙁

Thanks
 
Originally posted by: Vertimus
1. screenshot?

2. mbr?

You think it could be hiding in the MBR? That's pretty slick.


What's funny is that the computer was acting 100x stranger before I took the CD-ROM drive out, which earlier had not been flagged as having errors 😛

definitely 7331
 
Originally posted by: hypn0tik
format c: didn't do the trick??

nope.

I even put it behind a corporate linux firewall with practically layer 7 scanning (won't name) and the machine still got infected or rather, still had crap on it that screwed it up, so it must have something on there.
 
What's that program that will wipe the HDD 35 times with 0s and random 0s and 1s in alternating wipes? That probably will kill off anything left by the format.
 
Originally posted by: Goosemaster
Originally posted by: hypn0tik
format c: didn't do the trick??

nope.

I even put it behind a corporate linux firewall with practically layer 7 scanning (won't name) and the machine still got infected or rather, still had crap on it that screwed it up, so it must have something on there.

Damn. That's insane. Good luck!
 
Originally posted by: Goosemaster
-The "log onto windows" title bar is about half as high as it should be and the text is very small. The rest of the dialog sizes are normal
-The dialog box itself is a dark shade of grey, much darker than the default color XP uses for the classic login prompt?

Any ideas?

All the hardware has been tested and is in fine working order. We do not have tools that can scan hardware for virus-like activity though 🙁

Thanks

Right click desktop --> properties --> appearance --> advanced

3D Objects will fix the dark grey shading (which I actually prefer). You can mess around with the Message Box, Title, etc. size settings. 🙂

Probably not how it was changed in the first place, but an easy way to change it back.
 
Originally posted by: mwmorph
What's that program that will wipe the HDD 35 times with 0s and random 0s and 1s in alternating wipes? That probably will kill off anything left by the format.
DBAN

Same algorithms used by DOD.
 
Originally posted by: JustAnAverageGuy
Originally posted by: Goosemaster
-The "log onto windows" title bar is about half as high as it should be and the text is very small. The rest of the dialog sizes are normal
-The dialog box itself is a dark shade of grey, much darker than the default color XP uses for the classic login prompt?

Any ideas?

All the hardware has been tested and is in fine working order. We do not have tools that can scan hardware for virus-like activity though 🙁

Thanks

Right click desktop --> properties --> appearance --> advanced

3D Objects will fix the dark grey shading (which I actually prefer). You can mess around with the Message Box, Title, etc. size settings. 🙂

Probably not how it was changed in the first place, but an easy way to change it back.

Nope. I wish it was that simple 🙁
 
Originally posted by: Goosemaster
Originally posted by: jumpr
Originally posted by: mwmorph
What's that program that will wipe the HDD 35 times with 0s and random 0s and 1s in alternating wipes? That probably will kill off anything left by the format.
DBAN

Same algorithms used by DOD.

I only erased it 8 times 🙁

That's good enough.

What about something hiding in the "restore partition"? I am not sure what this is called. I have seen it on a lot of Dells. It's like 85 MB or so.
 
Have you considered that whatever media you're using to install Windows is infected? Or is it an official MS CD?

Maybe there is another machine behind your firewall that is reinfecting it?
 
Originally posted by: JoeKing
new motherboard will solve your problems. "bios was overwritten" I'm assuming you're still using the same mobo.

Yeah. Their budget is quite slim so for major repairs they are SOL

We already spent way more time than we are billing for just to appease them...
 
Originally posted by: SagaLore
Have you considered that whatever media you're using to install Windows is infected? Or is it an official MS CD?

Maybe there is another machine behind your firewall that is reinfecting it?

We used our own media and theirs.


I just realized that the subnet I was working on for this here at the office was on THE FVKIGN DMZ :|
As for the infected machines, that may be a possibility but this took place at the client's residence.

So much for the security 😛
 
The obviously simple question is: Did you try a different hard drive? You stated that you wiped it 8 times, I doubt anything is left over after that. And there's obviously no important data to save :/.

Sounds like simple hardware failure stemming from replacing everything. Something just got hosed in the process. And some sh|t just doesn't work right out of the box.

Then again, you said "everything was replaced but the HD, & that the Bios was overwritten" That means you're still w/ the same mobo. Did you "write-protect" the floppy when you flashed the bios? Or did you do it from a bootable cd?
 
Originally posted by: ktehmok
The obviously simple question is: Did you try a different hard drive? You stated that you wiped it 8 times, I doubt anything is left over after that. And there's obviously no important data to save :/.

Sounds like simple hardware failure stemming from replacing everything. Something just got hosed in the process. And some sh|t just doesn't work right out of the box.

Then again, you said "everything was replaced but the HD, & that the Bios was overwritten" That means you're still w/ the same mobo. Did you "write-protect" the floppy when you flashed the bios? Or did you do it from a bootable cd?

1. Numerous tests revealed no hardware issues.
2. they will not pay to replace the drive...

no way we are footing the bill.
 
Originally posted by: Goosemaster
Originally posted by: ktehmok
The obviously simple question is: Did you try a different hard drive? You stated that you wiped it 8 times, I doubt anything is left over after that. And there's obviously no important data to save :/.

Sounds like simple hardware failure stemming from replacing everything. Something just got hosed in the process. And some sh|t just doesn't work right out of the box.

Then again, you said "everything was replaced but the HD, & that the Bios was overwritten" That means you're still w/ the same mobo. Did you "write-protect" the floppy when you flashed the bios? Or did you do it from a bootable cd?

1. Numerous tests revealed no hardware issues.
2. they will not pay to replace the drive...

no way we are footing the bill.


But have you tried a different drive? Anything that you know is clean & working?

Does everything work normally until you install the service pack? BTW, SP2 right?

What happens after you login?

Just trying to get as much info as possible.

You stated that "we are not footing the bill", so I guess this is for business. If the drive is indeed faulty, relate to them the cost of a new hard drive compared to your labor for troubleshooting the problem...
 
Originally posted by: ktehmok
Originally posted by: Goosemaster
Originally posted by: ktehmok
The obviously simple question is: Did you try a different hard drive? You stated that you wiped it 8 times, I doubt anything is left over after that. And there's obviously no important data to save :/.

Sounds like simple hardware failure stemming from replacing everything. Something just got hosed in the process. And some sh|t just doesn't work right out of the box.

Then again, you said "everything was replaced but the HD, & that the Bios was overwritten" That means you're still w/ the same mobo. Did you "write-protect" the floppy when you flashed the bios? Or did you do it from a bootable cd?

1. Numerous tests revealed no hardware issues.
2. they will not pay to replace the drive...

no way we are footing the bill.


But have you tried a different drive? Anything that you know is clean & working?

Does everything work normally until you install the service pack? BTW, SP2 right?

What happens after you login?

Just trying to get as much info as possible.

You stated that "we are not footing the bill", so I guess this is for business. If the drive is indeed faulty, relate to them the cost of a new hard drive compared to your labor for troubleshooting the problem...

1. Happens after service pack2

2. I get an error saying that the registry had to be recovered. That is usually a hardware-based error but all of the system's hardware checks out fine.

3. The error went away after removing the CD-ROM

4. The logon screen's title bar is half as high as it should be and the colors are all wrong.

5. Klez and Netsky were suspected but not found
 
My initial thought would be to wipe everything again and, before placing it on the network, install ZoneAlarm and AVG or something similar from CD. That immediately prevents stuff from getting on in the first place. I would even suggest service pack 2 from CD, then connect and download updates. I reformatted a computer at Novell where my uncle works and he warned me about not having a firewall. Fortunately, I had something up quick, but within 2 minutes the computer was already laden with junk.
 