Nasty virus renders system unpatchable!

J

Jafar

Hi all

I have a nasty one but can't identify it.
(I'm running on WinXP Pro which was freshly re-installed but was connected
to the net and browsing for about an hour before installing anti-virus
software.)

I now have a virus? which does these things....

1) It won't let my resident antivirus software run (AVG but the same with
others I've tried). I can do manual scans but they come up with no problem
reported. Tried to re-start resident protection but it quits out.

2) Before I connect to the net I get a popup saying myself or a program has
requested access to the net for a site at tracerout.2-1337-4u.de
I can't even start the connection to the net until this popup appears as the
system locks up if I attempt to establish a connection or browse the
network connections from "My Computer" beforehand.

3) There is an svchost.exe (there is actually 4 instances of svchost.exe)
process using up around 76% of cpu on average. This may be causing the
frequent lockups of the system and intermittent stuttering of applications
including, annoyingly, games.

4) I tried to search my registry with regedit and it quits after about 5
seconds.

5) msconfig also quits when I try to access the startup tab.

6) I tried to do an update and but none of the updates actually install.
WinXP SP1 gets to the installer but quits with giving an error.

Is this a virus that knows your after it and retaliates by rendering the
system unpatchable?
Does anyone have an idea what this thing is before I give up and re-install
again?

Many thanks

Jafar
 
D

Dan Shackelford

Hi all

I have a nasty one but can't identify it. (I'm running on WinXP Pro which
was freshly re-installed but was connected to the net and browsing for
about an hour before installing anti-virus software.)

I now have a virus? which does these things....

1) It won't let my resident antivirus software run (AVG but the same with
others I've tried). I can do manual scans but they come up with no problem
reported. Tried to re-start resident protection but it quits out.

2) Before I connect to the net I get a popup saying myself or a program
has requested access to the net for a site at tracerout.2-1337-4u.de I
can't even start the connection to the net until this popup appears as the
system locks up if I attempt to establish a connection or browse the
network connections from "My Computer" beforehand.

3) There is an svchost.exe (there is actually 4 instances of svchost.exe)
process using up around 76% of cpu on average. This may be causing the
frequent lockups of the system and intermittent stuttering of applications
including, annoyingly, games.

4) I tried to search my registry with regedit and it quits after about 5
seconds.

5) msconfig also quits when I try to access the startup tab.

6) I tried to do an update and but none of the updates actually install.
WinXP SP1 gets to the installer but quits with giving an error.

Is this a virus that knows your after it and retaliates by rendering the
system unpatchable?
Does anyone have an idea what this thing is before I give up and
re-install again?

Many thanks

Jafar
Click to expand...

Have you gone to http://housecall.antivirus.com and done the online scan
to see if that fixes the problem? You may need to disable your "restore"
feature because if the virus is in the restore volume, the OS will not
allow access by the antivirus program to cure it. You can reenable
"restore" after you have been disinfected.
 
J

Jafar

Dan said:
Have you gone to http://housecall.antivirus.com and done the online scan
to see if that fixes the problem? You may need to disable your "restore"
feature because if the virus is in the restore volume, the OS will not
allow access by the antivirus program to cure it. You can reenable
"restore" after you have been disinfected.
Click to expand...

Thanks Dan :)

I did do the symantec online scan last night. Is the housecall one any
better? Symantec came up negative as did the normal AVG scan. I also
disabled restore on 1st boot as I treat it as an annoyance more than
anything so that probably isnt part of the problem.
I'll try the housecall scan when I reboot into windows later.
Thanks again.

Jafar
 
K

kurt wismer

Jafar said:
Hi all

I have a nasty one but can't identify it.
(I'm running on WinXP Pro which was freshly re-installed but was connected
to the net and browsing for about an hour before installing anti-virus
software.)

I now have a virus? which does these things....
Click to expand...

maybe... probably in fact, considering your symptoms... which one,
however, is hard to say...

try scanning after booting into safe mode... if that doesn't turn up
anything, try a different scanner (stinger
http://vil.nai.com/vil/stinger/ might help)...
 
R

Robert

Why don't you reinstall XP and get it patched before you connect to the
internet? It may be faster and safer.
 
J

Jafar

Robert said:
Why don't you reinstall XP and get it patched before you connect to the
internet? It may be faster and safer.
Click to expand...

Thanks. I'm about to do that but I still wanted to check it out so I could
somehow identify what it is and avoid it in the future. Needless to say,
virus checker is going to be installed before the network this time ;)

Jafar
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ARE THESE SYMPTOMS OF A VIRUS? 3
Virus Scan -when positive- disconnects the internet. 3
Virus Disabled System Restore & Windows Security 31
VIRUS QUESTION 11
bad virus 106
Nasty Virus 5
best free anti-virus is Avast? compatible with zonealarm 9
Virus: No Sound; Task Manager maxing out CPU 3

Top