ellienihon: (Default)
[personal profile] ellienihon
I have caught this f*#&ing virus.
Win32.Parite


The virus consists of a dropper, which is written in assembler, and the virus part itself, written in Borland C.

When an infected file is launched, the control flow is passed to the virus dropper, which writes the virus to a temporary file and executes its infection procedure.

The virus searches for Win32 EXE PE files with .scr and .exe extensions on all logical drives of the computer, and also in shared resources of the local network, and infects them.

The virus doesn't manifest its presence in any way.

The structure of infected file looks like this:


Host file
Virus
    dropper - drops "main" to TEMP dir and executes it.
    main - searches for files and infects them, etc.

Any suggestions? I don't know how to get rid of the TMP file, and the antivirus program tells me that ibmpmserver.exe is also infected and I can't erase that. In fact, from what I can tell, I need it. I'm ready to buy a memory stick and reinstall Windows, but if anyone has a better idea, I'd love to hear it.

(no subject)

Date: 2004-05-04 06:34 am (UTC)
From: [identity profile] knowhereman1973.livejournal.com
That's what I would do, but maybe someone else has a better idea?

(no subject)

Date: 2004-05-04 08:05 am (UTC)
From: [identity profile] thespeaker.livejournal.com
If you can get your PC running again, get a copy of Norton Antivirus (yeah, it'll cost you money), install it, get the latest updates for it off the web, and then use it to kill it.

If you can't get your PC running... A reinstall is sadly probably your best bet.

(no subject)

Date: 2004-05-05 02:24 am (UTC)
From: [identity profile] ellienihon.livejournal.com
Will Norton be able to kill it if AVG can't?

(no subject)

Date: 2004-05-05 08:03 am (UTC)
From: [identity profile] enigmaticelf.livejournal.com
Norton is the best antivirus software out there hands down, particularly if you keep it updated. For now, another option, if you know the name of the virus or can recognize it (I'll forward the desc. around and see if I can ID it), you can go to Symantec and get the patch.

(no subject)

Date: 2004-05-05 08:07 am (UTC)
From: [identity profile] enigmaticelf.livejournal.com
Found it.

They don't provide a removal tool, but they do give detailed instructions on how you can manually remove it from your system. Good luck.

(no subject)

Date: 2004-05-05 08:12 am (UTC)
From: [identity profile] enigmaticelf.livejournal.com
Damn, I just reread it more carefully, and they don't give manual instructions, they give instructions on how to remove it using Norton, which you don't have. Ok, the next best option I can offer is "get a better antivirus software." (sorry)

(no subject)

Date: 2004-05-05 09:56 pm (UTC)
From: [identity profile] ellienihon.livejournal.com
Oh, but that tells me that if I get Norton, I can remove it, which is much better than reinstalling Windows, to my mind. Thank you so much!

(no subject)

Date: 2004-05-05 11:46 am (UTC)
From: [identity profile] thespeaker.livejournal.com
No idea. It's worth a try though.
