I have Virus that no software can find

Discussion in 'Malware Help (A Specialist Will Reply)' started by WeekendGeek, May 11, 2008.

  1. WeekendGeek

    WeekendGeek Private E-2

    I have reformatted, reloaded and been reinfected by whatever this nasty little bug is. All I have to do is connect to the internet to get Windows XP updated and this bug is back! I've tried this three times, even had to run a repair on Windows to get back on-line to write this.
    Could it be in the BIOS, some other part of the motherboard, in the modem or router? All of our three computers have this infection but I am only working on one at a time. No other infected PCs are connected to the router at this time. This is all beyond my computer knowledge level. If anyone can help, please point me in the right direction.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You have not explained what the problem is. Please explain what malware problem you are actually having. Also when you reinstalled:
    1. Did you delete your partitions and repartition before formatting?
    2. Did you reinstall from original media to be sure that what you are reinstalling from is not infected? This applies to everything that you reinstalled, not just Windows.
    3. Before you connect to the internet, do you have all of the below installed even if not updated:
      • antivirus
      • antispyware blocking tool
      • software firewall (even if your router has a firewall you should have a software firewall)
    To remove malware or check your PC for malware, the below steps need to be followed, but I would like to see a description of what your problems really are.

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide
     
  3. WeekendGeek

    WeekendGeek Private E-2

    Thanks for the quick reply.

    I might not have deleted the partition before but I did just a few hours ago.

    I reformatted and reloaded my software just as you recommended. The only unnerving part was that I had to connect to the internet to get my McAfee Total Protection to function. I chose McAfee because it will run on XP service package 1, what my disc installs.

    I had a pop-up warn me that I had "CRITICAL ERROR MESSAGE! REGISTRY DAMAGED AND CORRUPTED." Then it advised me to go to reistrycleanerxp and download their software. That was the mistake I made last time so I didn't repeat it this time. I right-clicked on the button on the active bar and selected "close". I had to close it dozens of times while I looked through the advice forums for the fix.

    From another thread:
    ========================================================================================
    The messenger service in Windows 2000 and pre-SP1 (or possibly 2) XP has been exploited to show popups from malicious sources. To stop them, please do the following:

    1. Hit windows key + r (or click Start --> Run)
    2. In the 'Run' dialog, type 'services.msc' (without the quotes)
    3. Press enter (or click the 'OK' button)
    4. In the 'Services' dialog, locate the 'Messenger' service
    5. Right-click the service, and select 'Properties'
    6. On the 'Messenger Properties' change the 'Startup Type' to 'Disabled'
    7. Press the 'Stop' button
    8. Apply your settings.

    Do not worry, this will not interfere with the operation of any of your programs, even MSN messenger. It will, however, stop the annoying malicious popups.
    ========================================================================================

    Seems to have stopped the pop-up... so far. I'm keeping my fingers crossed.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    So are you saying that your problem is popups?

    Note it is not a good idea to even connect an unprotected PC to the internet for more than 5 seconds even to get protection software like McAfee. If that is what McAfee requires and if it is not protecting you before connecting to the internet then I suggest you find a smarter program. We have seen many, many, many....etc PCs get infected in as little as 5 to 10 seconds of connecting to the internet when the items I asked about are not installed before connection is made.

    The procedure you did for Windows Messenger is not adequate. Disabling it will allow malware to just re-enable it. You need to remove it. I suggest you do the below to remove it.

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.
     
