i'm being slammed by viruses

ozchris · #1 (**permalink**) 04-03-2006, 04:24 PM

is anyone else getting attacked by viruses today?

i run norton internet security, zonealarm, and for the last week my work made me add bitdefender (if i wanted to be allowed to connect to the network)

yesterday at around 8pm i got the standard msg saying norton had found a virus. it came thru spam email as usual. norton quarantined it.

then bitdefender pops in and says, hey, i found a virus in norton/quarantine folder. fine, delete it for me.

since then, the virus has repeatedly created hundreds more viruses. norton is having a fit trying to generate a warning for each one.

my thumb is getting sore from acknowledging each warning.

then bitdefender generates another warning.

i've disconnected my pc from the world, but keep getting the warnings.

the viruses are being created in the windows temp directory.

so i tried to go there and delete all files, but they don't seem to delete.

can i delete the windows/temp directory without going into it?

i've lost hours trying to clean up my pc (using my sons to type this)

any suggestions? its a mydoom variant.

MuNKyonline · #2 (**permalink**) 04-04-2006, 08:46 AM

Back up your files. Uninstall norton and install & update AVG antivirus free edition. Get hijackthis and run a scan. Post the scan results here.

If windows XP right click on my computer and go to properties. Go into system restore and turn it off.

Re-boot the machine into safemode (press F8 while the machine is booting up). Right click on the internet explorer shortcut and go to properties. Delete all your internet temporary files. Get a program called killbox and use it to delete any files that wont delete normally - only from the temp folder!

While still in safemode run a full scan with AVG and tell it to remove everything it finds.

Reboot the computer and post back here.

kgun · #3 (**permalink**) 04-04-2006, 04:17 PM

I think it is more complicated than only deleting the Windows temp folder. Do you have backups and can format your (system) disks and reinstall everything? It is a good rule to do that every n month. May take some hours, that may be worth the effort.

My experience. There is now so many viruses out there that you should use a battery of resources. Even the best cleaners do not find all. You find enough resources if you read in the right places in this forum.

Also use intrusion protection or at least a register blocker. That may protect against future unknown viruses.

Scenario: x viruses are in time interval t spread from y places. How long time will it take for the antvirusprograms to update their database on the new viruses?

Problem:
Do you think there are worms / viruses / spyware / trojans that has not been detected? Viruses may have infected a file, encapsulated itself in the file without having changed the size in bits of the file. That is possible.

Key word search. Reverse engineering OR disassembling AND encapsulated (viruses OR spyware OR trojans)

In XP:
1. Take regular screendumps of your processes (CTRL + ALT + DEL)
2. Run + msconfig. Look at what is checked at start etc.

Know the difference between administrator and user. Log in as user when you can.