1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unknown virus in fresh Win2K install; severe!

Discussion in 'Windows XP' started by VinceIP, Feb 11, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. VinceIP

    VinceIP Thread Starter

    Joined:
    Feb 11, 2007
    Messages:
    12
    I recently decided to switch from Windows XP to Windows 2000, since XP is very slow on my old computer. I did a fresh install, on a fresh partition of my completely blank 20 gig hard drive. All went well. I installed the drivers for my SATA PCI controller and my network card.

    As soon as I plugged in my ethernet cable (I have 1.5 MB DSL service), I started getting popup windows giving me links to fake virus scanning sites, saying my system has critical errors, etc. I know this is all fake. I ignored it at first, but then they just kept coming. It's not just the same message, either; I see about 10 different ones popping up every few minutes or so. Here's what they look like:

    [​IMG]

    [​IMG]

    Like I said, at first, I just ignored it, and used my computer like normal. The longer I was connected to the internet, my computer's performance just got worse, and worse... I immediately installed Spybot and scanned, finding nothing wrong, except some tracking cookies from MSN.com. By the time I went to install Adaware and AVG, my computer lagged and slowed so much it because unusable. On reboots, the popup windows fill my screen and my desktop doesn't load. (Note: I was using IE to download K-Melon browser, which is secure and based off Firefox's code)

    I reformatted and reinstalled, and still had the same virus. My PC was just fine when I waited to install my network card drivers, so I enjoyed my computer for a few hours before connecting to the internet, when the popups came right back again. I reinstalled Windows 2K a 3rd time, but before connecting to the internet, turned my network security preferences up to max in Internet Options, and changed my homepage to Google. Still, same popups.

    Now I really don't know what to do. Any virus scanner I use gives me no virus results or anything. I think there could be a virus embedded into my Windows 2K installation disc. I just need a way to purge it quickly before it overwhelms my computer. Any ideas?

    Thank god for LiveCD Linux distros...
     
  2. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
  3. Old Rich

    Old Rich

    Joined:
    Jan 17, 2003
    Messages:
    10,254
    Two things to think about:

    1. Install a router between your DSL modem and the pc
    2 Download and burn SP4 to a cd to use immediately after your next installation, before going online and before any other drivers
     
  4. VinceIP

    VinceIP Thread Starter

    Joined:
    Feb 11, 2007
    Messages:
    12
    Great, thanks. I'm going to go give this a try and report back. Hopefully this will also put a stop to my computer's unusually sluggish behavior.

    EDIT:
    I have a D-Link router. Usually the only time I use it is when I need internet acces to my Xbox and PC at once. The rest of the time my modem is direct connected to my PC. I do this because my router is randomly disconneted from the internet after about 2 hours time or so, and I have to restart it to regain a connection. I've been told it has something to do with my modem dropping and renewing my IP address, and my router not being compatiable with that (networking is not my expertise).

    I already have SP4 installed as well. It's included in my installation disc.
     
  5. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    apparently you didn't think about any av protection b4 you got on the internet.
     
  6. VinceIP

    VinceIP Thread Starter

    Joined:
    Feb 11, 2007
    Messages:
    12
    Well of course I did! My first action was to go download a safe browser, then pick up a firewall and the usual spy/adware and anti-virus stuff.
     
  7. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Ignore the side comments, windows messenger is allowing those in and disabling it will do it

    SP2 in XP stopped that but W2K did not get the same fix
     
  8. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    dl a "safe browser",firewall, spy-adware....all thru the internet.

    i install the av protection after the os is up and running, then sp4 for 2k, then the rest of the apps.
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    bearone you are asumming a whole lot without seeing the details via a hjt log!!!!!

    The obvious problem is messenger!
     
  10. Old Rich

    Old Rich

    Joined:
    Jan 17, 2003
    Messages:
    10,254
    I'll consider myself ignored . .
     
  11. VinceIP

    VinceIP Thread Starter

    Joined:
    Feb 11, 2007
    Messages:
    12
    Ok, so I disabled Messenger. It stopped the messages, but my PC is still really sluggish. Maybe I just need to freshly reboot it. It took a very long time to boot into Windows. My desktop wouldn't load after 5 minutes, and I was starring at a blank blue screen. I CTRL + ALT + DELed into the task manager and ran services.msc, which took another 2 minutes to come up. I should also mention that the performance tab in the task manager tells me my CPU usage was 100%.

    Then I went to shut down... I waited another long time until I just pushed the power off button on my PC, then booted into Linux. If Windows speeds back up again, I plan to immediately set up ZoneAlarm, Spybot, and Adaware.
     
  12. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    which hjt log would that be?

    no, the obvious problem is all the the stuff downloaded/accessed by the internet connection without av protection.

    the more sites visited for all the freebies is the biggest problem and messenger didn't help.:cool:
     
  13. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Now that we have solved the messages post a hijack log to see what else may be there

    Click here to download HJTsetup.exe:

    http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item5
    Scroll down to the download section

    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  14. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Obviously you didn't see the OP last post - the messages are gone

    <<which hjt log would that be?>>

    Exactly, you had no view into the OP's system and made *** u mptions
     
  15. VinceIP

    VinceIP Thread Starter

    Joined:
    Feb 11, 2007
    Messages:
    12
    I'm going to try to download Hijack This, but last time I couldn't even open up my browser because of Windows moving so slowly.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/543308

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice