Developer Forum

Hi,

We have a computer with a virus. At first it was just annoying
and slow, but now it (or something) shuts the computer down
as soon as it boots up. It's running Windows 2000, and I tried
starting it in safe mode by tapping F8 during boot-up, but was
never given the option. Is there a different way of getting into
safe mode than by doing that? I'm hoping it can be started in
safe mode and then run a virus scan...

Thanks for any help,
David

dshnavits@.snurgle writes:


Your time will be much better spent removing the disk drive, putting
it into a known clean machine, pulling your data off the drive,
reinstalling the drive into the original machine, and reinstalling
windows from original media including repartitioning and reformating
of the drive.

Once you've been comprimised by a piece of malware, you can't trust
the machine again, even if one or two antivirus programs detect and
claim to have removed viruses. AV programs by their
signature-recognition design don't know about all possible malware,
and there are plenty that even if they can detect, they can't reliably
clean all remnants or permutations from.

At best you'll get a clean but subtly broken/unreliably machine. At
worst, you'll still be part of a botnet with someone else owning your
machine.

You can spend hours and hours down teh wormhole trying to bandaid the
situation, or you can invest a fixed number of hours in reinstalling
the operating system. In my experience, you're much better off
doing the latter. You'll end up at a known point with a machine you
can trust.

Be sure to be behind a hardware firewall or disconnected while
installing, and behind a hardware firewall while downloading and
applying all windows updates, lest you get reinfected within an
average of about 20minutes (sans.org updates these stats) while
connected to the net with an unpatched Windows machine.

Best Regards,
--
Todd H.
http://www.yqcomputer.com/

David: try booting in Safe Mode and then run an up-to-date antivirus
application and do a system restore back in time before the virus
was installed.



-|Hi,
-|
-|We have a computer with a virus. At first it was just annoying
-|and slow, but now it (or something) shuts the computer down
-|as soon as it boots up. It's running Windows 2000, and I tried
-|starting it in safe mode by tapping F8 during boot-up, but was
-|never given the option. Is there a different way of getting into
-|safe mode than by doing that? I'm hoping it can be started in
-|safe mode and then run a virus scan...
-|
-|Thanks for any help,
-|David

You miss this part?

It's running Windows 2000, and I tried starting it in safe mode by
tapping F8 during boot-up, but was never given the option. Is there a
different way of getting into safe mode than by doing that? I'm
hoping it can be started in safe mode and then run a virus scan.

dshnavits@.snurgle wrote in



Don't do anything. You didn't do anything when you first
realized you had a virus, so who do something now? Trust it to
continue doing its thing and we will all be happier as a result.

A few weeks from now you might want to donate the computer to
Salvation Army or something, just tell them to fix it before
they sell it.

YOU should be watching TV.

Incredible.

--
"This is not nuclear. This is just a test."
- illyria

Did you make yourself an Emergency Repair disk? If you did you have just discovered what it was for.
Have a look at http://www.yqcomputer.com/
If you don't have a disk you probably need to find a Windows 2000 forum to see if someone can help
you there.