AntiCMOS Virus Help Please

Discussion in 'Software' started by CaNoFzOo, Sep 11, 2004.

  1. CaNoFzOo

    CaNoFzOo Sergeant Major

    I put a floppy disk containting pictures into my computer. As soon as I did I got a pop up saying I had the AntiCMOS virus and to run AVG to get rid of it.
    (I think thats what it said) I really should have taken a screenshot.

    http://vil.nai.com/vil/content/v_98045.htm

    According to the MCAFEE site, it says nothing about the virus infecting Windows XP users.

    What exactly is going on?


    Right now i'm running AVG, and a Panda Online Scan.

    Thanks guys :)
     
    CaNoFzOo, Sep 11, 2004
    #1
  2. CaNoFzOo

    CaNoFzOo Sergeant Major

    Oops I didn't even realize I put it in the software forum sorry guys! :eek:
     
    CaNoFzOo, Sep 11, 2004
    #2
  3. Rob M.

    Rob M. First Sergeant

    Like McAfee says, a boot sector virus resides in the boot sector of a disk, and can spread only by writing itself to the boot sector of another disk. A boot sector virus does not get a chance to run if you do not try to boot from the infected disk.

    Here's why:

    The boot sector of every formatted disk or diskette contains a small program that either points the BIOS to the operating system installed on that disk, or displays a message to the effect that no operating system is installed. A boot sector virus hooks itself to that code, and gets executed when you try to boot from that disk. It does not matter whether the disk involved is a bootable disk or not. When the boot sector code runs, so does the virus code. It does not need ANY operating system to run -- it does its thing before the operating system (whatever OS is on the disk, if any) even starts to load.

    So -- a boot sector virus like AntiCMOS will infect any Intel-type platform, regardless of the operating system on it, if you try to boot from the infected disk or diskette.

    (Actually, now that I think about it -- I don't know whether AntiCMOS can infect a hard disk that has been formatted with something other than FAT12, FAT16 or FAT32. DOS/Windows puts a FAT12 format on a floppy diskette. There may be something in the boot sector code in other file systems that prevent AntiCMOS from hooking itself to the boot sector code. But WinXP can read all of the FAT formats, so I wouldn't want to bet against it. And I note that there is reference in the McAfee article to systems using the NTFS filesystem -- which includes Win XP as far as I know.)

    If you haven't tried to boot from that diskette, you haven't got much to worry about - until you accidentally leave it in your A: drive when you shut down so that your system tries to boot from it next time it starts.

    It doesn't matter whether that diskette has an operating system on it or not. When you see the message "Non-system disk - replace and press any key", it's too late. The boot sector virus is already in system memory and will write itself to the boot sector of the hard drive as soon as that drive is accessed. But you may be able to stop it in its tracks by hitting the power switch if you can do that before the hard drive is accessed.
     
    Rob M., Sep 12, 2004
    #3
  4. CaNoFzOo

    CaNoFzOo Sergeant Major


    Thanks for the response. My problem is fixed now. (I think.) I did an online virus scan, and scanned the floppy disk, and it found AntiCMOS.boot and disinfected it. :)
     
    CaNoFzOo, Sep 12, 2004
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds