Virus?????

  • Thread starter Thread starter Jim
  • Start date Start date
J

Jim

Virus report:

Firstly, my system is 2 months old. It has the following:

AMD 2.6 XP
1 gig DDR 333 ram
OS-Windows 2000 Professional
2 hard drives-120 Gig and 30 Gig
Internet connection is Sprint Broadband satellite-LAN card
Installed Norton Antivirus and Norton Internet Security

I kept my computer turned off during the latest virus
episode. Per recommendation of a friend who works at
Intel, I turned it on and downloaded the Service Pack
update from the Windows update site. I had trouble
getting it to download for a couple of hours but assumed
the site was busy with heavy traffic. Finally on Sunday
August 17, I was able to get the file to download and
installed. I ran NAV right after the installation and
then switched off the modem. On Monday, August 18, I
turned my computer on-not the modem-and received an alert
message stating there was a virus which could not be
removed by NAV. Directions were given to remove the
virus. I had a technician from Emergency Computer Service
come to my house and remove the virus per directions from
Symantic web site. Everything seemed to be fine and no
apparent problems encountered. I have only been on the
internet for short periods of time to download my e-mail.
Yesterday, August 21, I was working with my word processor-
Word 2000. I left the computer for about 20 minutes,
again, the modem was not and had not been turned on. When
I returned I was gtreeted by a solid blue screen with the
following text:

*** STOP:0x000000D1(0x0C31EF08, 0x00000002, 0x00000001,
0xBFC14E31)
Driver_IRQL_Not_Less_Or_Equal

*** Address BFC14E31 base at BFC14000, Date Stamp 3c9d0fba-
portels.sys

Beginning dump of physical memory

I turned the power off and then rebooted and everything
seemed normal. Today, I was working on the computer and
suddenly the screen went solid blue and the following text
displayed:

*** Stop: 0x000000050 (0xA2A4E4E8, 0x00000001, 0x8046B179,
0x00000002)
*** Address 8046B179 base at 80400000, Date Stamp
3ee6c002_ntsokrnl.exe

Beginning dump of physical memory

Physical memory dump complete. Contact your system
administrator or technical support group.

This happened twice this evening and I did lose the
information that I was working with. I have ran NAV scans
but nothing shows up. The virus I had was
backdoor.irc.flood.g
I would certainly appreciate some information and help
with this problem.

James E. Caldwell, Sr.
Colorado Springs, CO
(e-mail address removed)
 
Is there a typo in your message--in your first bluescreen message, might the
driver mentioned be portcls.sys, rather than portels.sys??

Here's one reference for the second message, which doesn't bring much joy,
I'm afraid:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/w2kmsgs/441.asp

Here's another one:

http://support.microsoft.com/default.aspx?scid=kb;en-us;183169

This has some steps you can actually take--disabling antivirus and any
third-party drivers.


If your OS was bought at retail--i.e. boxed from Microsoft, rather than OEM,
you can contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.

Help at this number is free for virus or security related issues. I can't
guess how they would classify your issue, but since it occurred after
applying a service pack (SP4?)--this may be worth a try.
 
Back
Top