Found something the other night that I thought might be useful, it consisted of 1 exe file. Downloaded it and ran the file. Nothing popped up to say what it was doing, Hard drive went crazy, icons blinked on desktop (as did everything in explorer) and resources were 100% used.
Rebooted still doing the same. Hmm, possible problem. Took the PC off the network (unplugged the cable). Ran my antivirus but it was locked out of its kernal and also loocked out of the MBR (Master Boot Record) and a lot of other system tools. Possible big problem!
On checking it appears I have installed something that got past my Virus scanner so it is possibly spyware (keylogger more than likely), Installed itself in the MBR so that it will start before everything else and stuffed the Antivirus. Nice.
So to fix I could reformat and reinstall the OS but that would still leave the MBR and still leave Mr bug. Boot from a DOS disk and run FDISK/MBR to rebuild MBR - catch to this is that the drive is a SATA and no DOS drivers. Also I didn't really want to do all that renstalling again.
So have run 3 seperate Anti spyware tools, 2 different antiviruses and a Anti rootkit, each picking up something and deleting it. I still had a problem with the MBR infected. Boot from Windows XP CD and off into my favourite place the "Restore Console" Logon to the Windows on the Hard drive and run "FIXMBR", gave me a summary that the MBR was not standard and did I want to rebuild it - I opted for yes. Exited out and shut my eyes as the PC rebooted (fixing MBRs is not guaranteed success and by the way playing in Restore Console is not for the faint hearted) PC booted and now every anti thingy software I have reports a clean system. PC working normally.
The question is has it gone?????????????
Rebooted still doing the same. Hmm, possible problem. Took the PC off the network (unplugged the cable). Ran my antivirus but it was locked out of its kernal and also loocked out of the MBR (Master Boot Record) and a lot of other system tools. Possible big problem!
On checking it appears I have installed something that got past my Virus scanner so it is possibly spyware (keylogger more than likely), Installed itself in the MBR so that it will start before everything else and stuffed the Antivirus. Nice.
So to fix I could reformat and reinstall the OS but that would still leave the MBR and still leave Mr bug. Boot from a DOS disk and run FDISK/MBR to rebuild MBR - catch to this is that the drive is a SATA and no DOS drivers. Also I didn't really want to do all that renstalling again.
So have run 3 seperate Anti spyware tools, 2 different antiviruses and a Anti rootkit, each picking up something and deleting it. I still had a problem with the MBR infected. Boot from Windows XP CD and off into my favourite place the "Restore Console" Logon to the Windows on the Hard drive and run "FIXMBR", gave me a summary that the MBR was not standard and did I want to rebuild it - I opted for yes. Exited out and shut my eyes as the PC rebooted (fixing MBRs is not guaranteed success and by the way playing in Restore Console is not for the faint hearted) PC booted and now every anti thingy software I have reports a clean system. PC working normally.
The question is has it gone?????????????
Comments
Hope you git rid of the little sucker and you are virus free from now on!
Also I know who I'm coming to if I ever get one!