08-11-2007, 02:15 PM | #36
XR5 Pilot
Join Date: Dec 2004
Location: Perth, Ex NSW
Posts: 1,455
Sounds to me like you may have got a USB-borne virus.

They hide in an .inf script on the host drive until it is "awoken" when plugged into the machine. What it then does is piggyback out on your Windows services ports to call a parent server somewhere out there online and download any of the virus files you may try and delete. In addition to that, it may also hide in your .dll files within the System32 directory, protecting itself behind Windows' system file protection failsafe.

A couple of programs I can recommend are HijackThis www.hijackthis.de ...follow the prompts and copy and paste the log the program generates onto the website and it will analyse it with the most up to date definitions it has. It may alert you to some nasties hiding on your machine. File Unlocker is also a nifty tool to delete protected files (only if you're sure it's the right *bad* file).

Disable system restore as others have said, as it may well hide in the restore libraries on your machine. Go into safe mode to give you the best possible chance at deleting the little critters. May also be worthwhile running a rootkit scan on your machine. (Available in beta from McAfee and a few other big-name AV companies.)

We use a customised version of McAfee here at work and my company's security ops team work very closely with them to get definitions pushed out to remedy stuff that we come across in our daily travels. It works a treat. If all else fails, blow away the bastard with a format :P
__________________
'08 Ford Mondeo XR5 in Thunder
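As an added example that is not part of the original post: a read-only check of the text of a removable drive's `autorun.inf`, assuming that file is the ".inf script" the post refers to. It lists the entries that would make Windows start a program; the function names and the sample file are constructed for illustration.

```python
import re

# Keys in the [autorun] section that make Windows launch a program.
EXEC_KEYS = ("open", "shellexecute")
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)
RISKY_EXT = (".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".dll")

def parse_autorun(text):
    """Return {key: value} for the [autorun] section, keys lower-cased."""
    # Parsed by hand: stray non-INI lines would make configparser raise.
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def findings(text):
    """List (key, value, reason) for entries that start a program."""
    out = []
    for key, value in parse_autorun(text).items():
        if key not in EXEC_KEYS and not SHELL_CMD.match(key):
            continue
        reason = "launches a program"
        first = value.lower().split(" ")[0]  # command without arguments
        if first.endswith(RISKY_EXT):
            reason += " with an executable or script extension"
        out.append((key, value, reason))
    return out

# Constructed sample, not taken from a real infection.
SAMPLE = """\
;xJ83hd stray line before the section
[AutoRun]
open=sample.exe
shell\\open\\Command=sample.exe
label=My Photos
"""

if __name__ == "__main__":
    for key, value, reason in findings(SAMPLE):
        print(f"{key} = {value}: {reason}")
```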