XP reboots, in all F8 modes, virus problem

[Dave C.]

what was the name of the virus....did the AV ever say what it was?

I want to know also. I've been following this thread. My nephew's system
was protected by firewall and anti-virus software. But it seems to have
picked up the exact same virus. I haven't gotten my hands on it yet, so I
don't know what I'm dealing with. I'm curious what virus did this, wiped
out the hard drive and won't allow to boot to safe mode or even reinstall
windows. -Dave

 

[David Maynard]

Hi,

Yeah, too late for me to do it, but when she picked it up she actually was
very nice
about it. Her husband had backed up her stuff about a month ago
figuring she hadn't. Whew....what good luck.

Yeah, really lucky.

For future reference, the obvious way would be to put the drive in as slave
on another WinXP system. Even easier, especially if there isn't a spare
winXP system, is to download one of the Linux Live CD distributions.
Knoppix is the full blown version but Damn Small Linux is only 50 meg and
Feather Linux is under 64 Meg. You can mount and read NTFS partitions with
those and, best of all, you don't need to move a thing around because they
run from the CD without touching the hard drives (unless you intentionally
make changes after mounting it).

Who ever wrote the virus/worm/whatever that got her machine
knew what he/she was doing. When it started rebooting again,
after I thought I had it fixed,

Well, a reinstall wouldn't fix it because it keeps existing settings, which
would including the virus files and the registry entries to run it.

 

[David]

Soon as you can download a current version of KNOPPIX. With that
you'll have access to the data from which you can then save to a CD.

That computer sounds like a ready candidate for Linux.

Someone early on in this thread mentioned having a similar problem
after installing an MS crital update.
There are a lot of these so called Microsoft messages flying around in
emails that actually are viruses!
I NEVER take any notice of these things. Stick to updating from the
genuine MS update site only.

David

 

[!Allen Lasting]

Nope, I never got the name of it. She said AVG flagged it numberous times
with pop up warnings, but she didn't write it down.
By the time I got it it didn't boot at all, I was focused on fixing it, etc.
I didn't get a pop up. I had it on line with pc pitstop real time scan and
it didn't find anything after about 5 minutes, but I didn't let it finish
because I was tired, it was late, and I thought I had it beat.
That was at about 1 in the morning having started around 6 plus two hours in
the early afternoon.

I ran AVG's vcleaner on it, and it didn't find anything. I've used that a
few times in the past successfully.

Al

 

[!Allen Lasting]

Thanks for the tip about Linux. I know very little about it, and it is on
my list ot todo's. I'm going to try to do what you said, and make a cd. It
would really be great if that worked.

Al

 

[David Maynard]

Thanks for the tip about Linux. I know very little about it, and it is on
my list ot todo's. I'm going to try to do what you said, and make a cd. It
would really be great if that worked.

Al

In that case try the small ones first. They're obviously skinnied down but
that means you're not overwhelmed with a multitude of things you don't
really need in a 'repair' CD.

They are both a bit problematic with Windows networking, though, and unless
the fellah at Feather has remastered it LinNeighborhood doesn't work
properly (although manual networking does). If you want that then
downloading the 'latest' version fixes it (Debian. You'll know what I mean
if you make the CD and install synaptic: their software package handler).

Damn Small doesn't have a 'window' like network browser (no
LinNeighborhood) and uses the command line Samba, but FTP has a window
front end and works fine.

I think Feather is a tad bit better on autodetecting hardware because it's
based on a later version of Knoppix and if you're making a 'regular' CD
then the slightly larger size over Damn Small Linux is of no big consequence.

Besides, it's just plain fun to see them boot and run from the CD only;
especially if you slap Damn Small on a business card CD (the reason it's 50
meg).

 

[Dave C.]

Nope, I never got the name of it. She said AVG flagged it numberous times
with pop up warnings, but she didn't write it down.
By the time I got it it didn't boot at all, I was focused on fixing it, etc.
I didn't get a pop up. I had it on line with pc pitstop real time scan and
it didn't find anything after about 5 minutes, but I didn't let it finish
because I was tired, it was late, and I thought I had it beat.
That was at about 1 in the morning having started around 6 plus two hours in
the early afternoon.

I ran AVG's vcleaner on it, and it didn't find anything. I've used that a
few times in the past successfully.

Al

Well I'll have my nephew's system soon. I'm going to slave that hard drive
off my wife's system. I'll find out what that puppy is. I'm pretty darned
sure it's the same virus, and it's a real nasty one. -Dave