Old 08-11-2007, 02:15 PM   #36
Bucket
XR5 Pilot
Join Date: Dec 2004
Location: Perth, Ex NSW
Posts: 1,455

Sounds to me like you may have got a USB-borne virus.
They hide in an .inf script on the host drive until it is "awoken" when plugged into the machine.
What it then does is piggyback out on your Windows services ports to call a parent server somewhere out there online and download any of the virus files you may try and delete.
In addition to that, it may also hide in your .dll files within the System32 directory, protecting itself behind Windows' system file protection failsafe.
A couple of programs I can recommend are:

HijackThis www.hijackthis.de ... follow the prompts and copy and paste the log the program generates onto the website and it will analyse it with the most up-to-date definitions it has. It may alert you to some nasties hiding on your machine.

File Unlocker is also a nifty tool to delete protected files (only if you're sure it's the right *bad* file).

Disable system restore as others have said as it may well hide in the restore libraries on your machine.

Go into Safe Mode to give you the best possible chance at deleting the little critters.
May also be worthwhile running a rootkit scan on your machine. (Available in beta from McAfee and a few other big-name AV companies.)

We use a customised version of McAfee here at work and my company's security ops team work very closely with them to get definitions pushed out to remedy stuff that we come across in our daily travels. It works a treat.



If all else fails, blow away the bastard with a format :P
__________________
'08 Ford Mondeo XR5 in Thunder
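
Added example, not part of the post above: a small Python check for the ".inf script" the post refers to, which lists the entries in a drive's autorun.inf that would launch a program (the standard `open`, `shellexecute` and `shell\<verb>\command` keys). The function names, the sample file and the encoding guess are assumptions made for this illustration.

```python
import os
import re
import sys

# [autorun] keys that make Windows launch a program from the drive.
EXEC_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

# Constructed sample for illustration, not taken from a real infection.
SAMPLE = r"""; padding comment
[AutoRun]
open=RECYCLER\example.exe
icon=%SystemRoot%\system32\shell32.dll,4
shell\open\Command = RECYCLER\example.exe
label=USB Drive
[Other]
open=ignored.exe
"""


def autorun_commands(text):
    """Return (key, command) pairs in [autorun] that would execute something."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank or comment line, sometimes used as padding
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, _, value = line.partition("=")
            key, value = key.strip().lower(), value.strip()
            if EXEC_KEYS.match(key) and value:
                found.append((key, value))
    return found


def scan_drive_root(root):
    """Parse <root>/autorun.inf if it exists; return [] when absent."""
    path = os.path.join(root, "autorun.inf")
    if not os.path.isfile(path):
        return []
    with open(path, "rb") as fh:
        data = fh.read()
    # Assumption: the file is ANSI unless it starts with a UTF-16 byte-order mark.
    enc = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
    return autorun_commands(data.decode(enc, errors="replace"))


if __name__ == "__main__":
    for root in sys.argv[1:]:  # drive roots to check, e.g. E:\
        for key, cmd in scan_drive_root(root):
            print(f"{root}: {key} -> {cmd}")
```

Any line it prints names a file on the drive that is worth inspecting before the drive is opened on another machine.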