Memory virus problem - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 05-10-2004, 09:54 PM   #1 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default Memory virus problem

What's stated in bold is what I typed a few weeks ago:

A few weeks ago, I was surfing the web and a clicked on a site which caused my PC to act really funny. It opened up a bunch of web pages which wouldn't stop until I alt,cntl,deleted them to force them to shut. I noticed my desktop had new Icons on it that I didn't place there. I accidently clicked on one which was a batch job whiched messed up my PC. I couldn't open applications, ones I had open wouldn't close, I couldn't even clcik on start, shutdown. I had to restore my hard drive from scratch.

The 5 icons on my desk top are one with an "o" under it, another icon with an "o" nder it that is a batch job, another with 0021- bdl94126, another called SILENT, and the last one is CS4P08.


What's stated in italisized is what someone responded to me a few weeks ago:

Yeah 24giovanni, It's amazing what outsourcing of jobs does to the virus world. This is a memory
resident virus http://vx.netlux.org/lib/static/vdat/tumisc51.htm


The 5 icons on my desk top are one with an "o" under it, another icon with an "o" nder it that is a batch job, another with 0021- bdl94126, another called INSTALL2, another was INFAMOUS_DOWNLOADER and the last one is CS4P028.exe.

What I did today is run ad aware program, save what was found to a log and quarenteened what was found. I then ran spybot S & D and found 1 file and removed it.

After running both I was able to delete the icons off of my desktop. The past few times i've had this issue i've restored my system with the recovery disks that came with my system and other various software. I attached the file saved from ad aware.

What di I have to do to stop this from happening? Should I reformat my hard drive? Will that help if it is a memory virus? If not, what can I do to stop it?

Any help is greatly appreciated.
__________________

24giovanni is offline  
Old 05-10-2004, 10:05 PM   #2 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

how do I attach a file saved to my computer in this forum?
__________________

24giovanni is offline  
Old 05-10-2004, 10:07 PM   #3 (permalink)
Banned
 
Join Date: Apr 2004
Posts: 559
Default

You say spybot s&d fixed the issue? Then it had to be somekind of horrible spy ware. As spybot doesnt cover viruses. Also a memory resident virus is a virus that runs in memory and in doing so you cant remove it until you stop it from starting up.. Thats what spybot did for you, it removed the malwares ability to start up, hence you were able to delete it. Same idea, you cant delete a program if its running... You should use spybots immunize functions, as well as install a good anti-virus. It also helps to make sure active x programs cant just install themselves at will on your machine. They should be asking you or they should be denied, depending on their signatures. All of that is configurable in IE's internet options. Just set the security zones to a more secure level if nothing else helps.
ChaosBlizzard is offline  
Old 05-10-2004, 10:08 PM   #4 (permalink)
Banned
 
Join Date: Apr 2004
Posts: 559
Default

Quote:
Originally posted by 24giovanni
how do I attach a file saved to my computer in this forum?
I dont think we want your virus........
Your word is sufficient.
ChaosBlizzard is offline  
Old 05-10-2004, 10:17 PM   #5 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

How do I remove the problem I am having before it happens again?
24giovanni is offline  
Old 05-10-2004, 10:19 PM   #6 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

I have McAfee vshield running in my system trey. Isn't that suppose to scan my system on every startup for these issues or do I have to do something with it myself?
24giovanni is offline  
Old 05-10-2004, 10:23 PM   #7 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

If I use sbybots immunize, should I do that after the same thing happens again? In other words let it find all bad files and then instead of using the "fix all problems" I should select immunize?
24giovanni is offline  
Old 05-10-2004, 10:26 PM   #8 (permalink)
Banned
 
Join Date: Apr 2004
Posts: 559
Default

Quote:
Originally posted by 24giovanni
If I use sbybots immunize, should I do that after the same thing happens again? In other words let it find all bad files and then instead of using the "fix all problems" I should select immunize?
Immunize is a serperate function, it puts a large list of known bad sites into IE's restricted zone, which means those sites cant launch any potentially harmful malware.. Also mcafee in my experience sucks, if it does detect something it usually can't do anything other than notify you that you have a problem.. Use norton, nod32, or an F-prot antivirus.

www.nod32.com
www.f-prot.com
ChaosBlizzard is offline  
Old 05-10-2004, 10:42 PM   #9 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

My activex controls and plugins settings are set up as followed:

download signed activex controls = prompt

download unsigned activex controls = prompt

initialize and script activex controls not marked as safe = disable

run activex controls marked safe for scripting = enable

script activex controls marked safe for scripting = enable

reset custom setting = med.... should I leave this at med or change to high???
24giovanni is offline  
Old 05-10-2004, 10:49 PM   #10 (permalink)
Banned
 
Join Date: Jul 2003
Posts: 878
Default

Quote:
Originally posted by ChaosBlizzard
Use norton, nod32, or an F-prot antivirus.

www.nod32.com
www.f-prot.com
are any of these free?
__________________

24giovanni is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 06:05 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.