
I have a horrible virus - no clue what to do - Page 3

post #21 of 67
In order of likelihood:
- Something you're installing or running every time has that virus.
- Some remote vulnerability is being exploited on your setup. Update your software, Windows included.
post #22 of 67
Thread Starter 
Well, tdsskiller finished and didn't find anything. I'm currently running malwarebytes on all of my computers and it's scanning ALL files. I'll post my results in a bit. Once this finishes I'll probably run tdsskiller in safe mode just to ensure there's nothing there.
post #23 of 67
TDSSKiller only removes the TDSS rootkits, and you have no signs of having any of them. GL to you though, hope we helped you out.
post #24 of 67
If it's on your external, it could possibly have an autorun.ini file, which could be automatically executing the virus when you plug it in.
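A way to check the external drive for the AutoRun entry suggested in post #24, as an added example that is not part of the thread. Windows AutoRun reads a file named autorun.inf in the drive root; the sample content and the function names here are constructed for illustration.

```python
import os

# Keys in the [autorun] section that cause a program to be launched.
EXEC_KEYS = ("open", "shellexecute")

def autorun_targets(text):
    """Return (key, command) pairs from the [autorun] section that launch a program."""
    targets, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        # Skip other sections, comments, and junk lines that have no key=value form.
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip().lower()
        # shell\<verb>\command adds a context-menu verb that runs a command.
        if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            targets.append((key, value.strip()))
    return targets

def scan_root(root):
    """Find autorun.inf in a drive root (any letter case) and list what it would launch."""
    for name in os.listdir(root):
        path = os.path.join(root, name)
        if name.lower() == "autorun.inf" and os.path.isfile(path):
            with open(path, encoding="latin-1") as fh:  # latin-1 never fails to decode
                return autorun_targets(fh.read())
    return []

# Constructed sample, not taken from the thread.
SAMPLE = r"""; constructed autorun.inf
junk line without an equals sign
[AutoRun]
icon=drive.ico
open=tools\setup.exe
Shell\Open\Command = tools\setup.exe /quiet
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    for key, command in autorun_targets(SAMPLE):
        print(f"{key:22} -> {command}")
```

Running `scan_root` against the drive from a Linux live session, or with the drive mounted on a machine that does not act on AutoRun, lets you read the file without triggering it.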
post #25 of 67
Thread Starter 
Quote:
Originally Posted by UsedPaperclip
TDSSKiller only removes the TDSS rootkits, and you have no signs of having any of them. GL to you though, hope we helped you out.

Oh okay.

Well, malwarebytes has finished running on all of my computers and the results said I have no infected items. I also ran kaspersky on the screwed up computer and it said the same thing.

Kind of at a loss here...
This all would lead to me believing it's either my RAM or my new HDD failing, but I'm almost certain it's a virus. When I first contracted this thing Thursday morning, before everything broke, Windows Defender popped up saying it detected a virus, and then all hell broke loose and all processes quit unexpectedly and then the computer restarted itself and then from that point on I was unable to get past POST.
I don't think a failing component would bring up a virus message.

I'm beginning to think it may really be a BIOS virus, which I've heard is rather rare, but I don't know what else it could be. I flashed my BIOS just in case.

I guess I'll be running seatools and Memtest for the rest of the night.


EDIT - Seatools DOS passed.

Time to run Memtest.
Edited by EmeraldICE - 6/17/11 at 5:38pm
post #26 of 67
Quote:
Originally Posted by EmeraldICE
Oh okay.

Well, malwarebytes has finished running on all of my computers and the results said I have no infected items. I also ran kaspersky on the screwed up computer and it said the same thing.

Kind of at a loss here...
This all would lead to me believing it's either my RAM or my new HDD failing, but I'm almost certain it's a virus. When I first contracted this thing Thursday morning, before everything broke, Windows Defender popped up saying it detected a virus, and then all hell broke loose and all processes quit unexpectedly and then the computer restarted itself and then from that point on I was unable to get past POST.
I don't think a failing component would bring up a virus message.

I'm beginning to think it may really be a BIOS virus, which I've heard is rather rare, but I don't know what else it could be. I flashed my BIOS just in case.

I guess I'll be running seatools and Memtest for the rest of the night.


EDIT - Seatools DOS passed.

Time to run Memtest.

Running a rootkit detector won't detect rootkits that don't load.
Run this:
http://ad13.geekstogo.com/MBRCheck.exe
Click on my sig and follow that guide.
post #27 of 67
Thread Starter 
Thanks for the link. I'll go run the program right now.
Do you have any idea how the virus is surviving reformats/killdisk? I've scanned all of my files and nothing appears to be infected.
post #28 of 67
Quote:
Originally Posted by EmeraldICE
Thanks for the link. I'll go run the program right now.
Do you have any idea how the virus is surviving reformats/killdisk? I've scanned all of my files and nothing appears to be infected.

It might be in the MBR; use a Linux live boot CD to zero out the drive, then install Windows fresh.
I would try and get a new CD for installing Windows, just to make sure there isn't a virus on the disk somehow, unless of course it is a genuine disk from MS.

Might try downloading an ISO of a fresh disk to try.
post #29 of 67
Quote:
Originally Posted by EmeraldICE
Thanks for the link. I'll go run the program right now.
Do you have any idea how the virus is surviving reformats/killdisk? I've scanned all of my files and nothing appears to be infected.

Did you reinstall any backups?
Are you on a network with other computers?
Do you have any other hdd in your pc?
post #30 of 67
Thread Starter 
It's a genuine copy of Windows. I hadn't reinstalled any backups when it happened. I'm networked with 2 other computers, both of which are fine and both of which have been scanned by malwarebytes and kaspersky today. I have 4 other hard drives besides the main drive in my pc, 3 internal and 1 external. All of them have been scanned today with no infections.

I'm about to run the program you linked me to and will post back with the results.

EDIT - I ran MBRCheck and my external has an unknown MBR code, and one of my internal drives has an MBR code from Windows 2008. The other drives look fine.
Edited by EmeraldICE - 6/17/11 at 9:17pm
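What an MBR check like the one reported in post #30 looks at, as an added example that is not MBRCheck's code and not part of the thread. It assumes the boot code is identified by hashing the first 440 bytes of sector 0 against a caller-supplied allowlist; the sample sectors and the allowlist entry are constructed.

```python
import hashlib
import struct

SECTOR = 512
CODE_LEN = 440      # boot code; bytes 440-445 hold the per-disk signature, so skip them
TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"

def parse_mbr(sector: bytes) -> dict:
    """Return boot-code hash, signature check and non-empty partition entries."""
    if len(sector) != SECTOR:
        raise ValueError("expected exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[TABLE_OFF + 16 * i:TABLE_OFF + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4]:  # partition type 0x00 marks an unused slot
            partitions.append({"slot": i, "active": entry[0] == 0x80,
                               "type": entry[4], "lba_start": lba_start,
                               "sectors": count})
    code = sector[:CODE_LEN]
    return {"signature_ok": sector[510:] == BOOT_SIG,
            "code_blank": not any(code),
            "code_sha256": hashlib.sha256(code).hexdigest(),
            "partitions": partitions}

def classify(info: dict, known_good: dict) -> str:
    """Label the boot code against an allowlist of hash -> name (assumed method)."""
    if not info["signature_ok"]:
        return "invalid MBR (no 55AA signature)"
    if info["code_blank"]:
        return "no boot code (data-only disk)"
    return known_good.get(info["code_sha256"], "unknown MBR code")

def build_sample(code_byte: int) -> bytes:
    """Constructed sector for the demo: filler 'code' plus one active type-0x07 entry."""
    code = bytes([code_byte]) * CODE_LEN
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 204800)
    return code + bytes(6) + entry + bytes(48) + BOOT_SIG

if __name__ == "__main__":
    # On a live CD the real input would be the first 512 bytes of the disk device.
    good = build_sample(0x90)
    allowlist = {parse_mbr(good)["code_sha256"]: "constructed known-good code"}
    samples = [("good", good), ("changed", build_sample(0xCC)), ("blank", build_sample(0x00))]
    for name, raw in samples:
        print(name, "->", classify(parse_mbr(raw), allowlist))
```

In this sketch "unknown MBR code" means only that the hash is not on the allowlist, so the next step is comparing the sector with one from a clean install of the same OS.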