Honda Motorcycles - FireBlades.org banner

1 - 20 of 25 Posts

·
Administrator
Joined
·
8,596 Posts
Discussion Starter #1
Damn *irus won't let me even read the replies to my post. Can any of you computer whizkids email to me any responses, suggestions, tips, condolences, etc. to:


PLEASE LEAVE OUT THE "V" WORD...otherwise I won't be able to open the email.

This really sux....
 

·
Administrator
Joined
·
8,596 Posts
Discussion Starter #3
nomad said:
Check your e-mail.
I did. I ran the Stinger program and it found nothing. Whatever I've got won't let me run my Norton Anti-Virus program, access either Symantec or McAfee websites, or open anything with the word "virus" in it. Even the Stinger program wouldn't run until I renamed it "Singer". I seem to recall that there was some virus awhile back that intentionally prevented you from accessing these sites, etc. Anybody have ANY suggestions?? I'm totally fooked... :crap:
 

·
Registered
Joined
·
2,466 Posts
I sent you a version from 06/14... make sure you run that one, not an earlier version. Secondly, try spy bot. That's what saved me.
 

·
Registered
Joined
·
2,057 Posts
You could get rid of the Windows software and dive into Linux? You will be a much happier computer user.

Sorry: I am an avid Linux fan and hate any Microsoft product.
 

·
Administrator
Joined
·
8,596 Posts
Discussion Starter #7
Well with the help of some .orgers, we've discovered I've got the Backdoor.Hacarmy.C virus that was only discovered yesterday. I've been able to update my virus definitions but the problem now is the virus won't let me run Norton to scan for it. No matter what I try to start Norton, it gets shut down instantly.

Any suggestions? (other than a different OS!)
 

·
Premium Member
Joined
·
4,302 Posts
What OS again? Id recommend putting the startup disc (CD) in the drive and booting using the recovery console, get to the dos box, and run stinger or what-have-you from there.

Oh yah, going from memory - the last Symantec/Norton crap I had was bootable from CD?
 

·
Registered
Joined
·
10,531 Posts
The following are the removal instructions from Norton:

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.


1.Disable System Restore (Windows Me/XP).
2.Update the virus definitions.
3.Restart the computer in Safe mode or VGA mode.
4.Run a full system scan and delete all the files detected as Backdoor.Hacarmy.C.
5.Delete the value that was added to the registry.

Click Start, and then click Run. (The Run dialog box appears.)

Type regedit

Then click OK. (The Registry Editor opens.)


Navigate to the keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
\RunServices


In the right pane, delete the value:

"IPConfig"="ipconfigs.exe"


Exit the Registry Editor.
 

·
Administrator
Joined
·
8,596 Posts
Discussion Starter #12
Thanks BDA. The only problem is I can't run a full system scan in Safe mode (or regular mode for that matter). The virus is apparently designed to stop any attempts at running a virus scan (or accessing any related website). :idunno:
 

·
Registered
Joined
·
2,466 Posts
Well.... there is another trick of the trade that you can use.... however, I don't want to send you off on a long path if I can't be there to assist. Hmmm.... oh well, here is the high level gist of things...

1. Boot up with a Knoppix type disk. I suggest the SuSE 9.1 Demo disc. These discs will usually contain a virus checker...
2. Mount your harddrive as a file system
3. Scan the filesystem

This will work unless it has infected your BIOS...
 

·
Premium Member
Joined
·
4,302 Posts
Red Rider said:
Thanks BDA. The only problem is I can't run a full system scan in Safe mode (or regular mode for that matter). The virus is apparently designed to stop any attempts at running a virus scan (or accessing any related website). :idunno:
See my above post, if you boot off the OS CD you should be able to (via recovery console) get to a prompted dos box with CD access. If you have already updated the def's you will need to find whatever the dos version of the anti-v prog. you are using is referred to and run it from there.

Do you have a second PC to use or are we on it?
 

·
Administrator
Joined
·
8,596 Posts
Discussion Starter #16
This really sucks... After countless hours spent trying to figure out what I have and how to remove it (Norton support was stumped), I have to reformat to get my system back to normal. Apparently the virus/trojan I've got also blocks access to the Registry so I can't see what changes have been made. I'm phookin' :rant: :pissed2: :banghead:

Thanks again for everyone's help...
 

·
Registered
Joined
·
3,586 Posts
Red Rider said:
This really sucks... After countless hours spent trying to figure out what I have and how to remove it (Norton support was stumped), I have to reformat to get my system back to normal. Apparently the virus/trojan I've got also blocks access to the Registry so I can't see what changes have been made. I'm phookin' :rant: :pissed2: :banghead:

Thanks again for everyone's help...
I overcame the same problem on a friends computer by installing the Panda Software scanner, give it a go could save you a lot of time re-installing, if it isn't too late already. Download the scanner at work or at a friends house burn it to a cd (don't forget the definition file updates) then install it on your machine (14 day trial should be enough to sort out this problem). It should start blocking the running spybot or *irus and then run a scan to remove it permanently.
 

·
Registered
Joined
·
803 Posts
Or burn a Knoppix-std disc, which has Clamscan AV on it. You are going to have to know a little about Linux like how to mount a hard drive, but it's fairly simple. Formatting isn't the only option..
Fig
 
1 - 20 of 25 Posts
Top