# Virus or Trojan Vaporized Vista



## wakkierob (Mar 8, 2010)

I downloaded Microsoft's own Security Suite from their site and installed it, everything fine, but then today, whack, the lot was being sucked dry. My net was being sucked up when I hit connect on my T-Mobile broadband; as soon as the connect button was pressed, all the usage was sucked into oblivion in an instant. I thought maybe it's a hacker, but I soon discovered that when I use it on my other PC it works with no usage, only when loading pages like normal, so it had to be something on my lappy. But boom, the hard drive had suddenly developed crashes on the explorer when roaming my partitions and USB drives for software!

HELP, HELP HELLLLLLLPPPPPP!!!!!!


----------



## dmbyer (Mar 11, 2010)

What's your network usage in task manager? Have a screenshot maybe?

Try getting a tool like Netlimiter to see what process is using the network.


----------



## wakkierob (Mar 11, 2010)

*It's a virus*

I think it's some sort of virus, but here's my T-Mobile connection pic


----------



## dr emulator (madmax) (Mar 12, 2010)

Hi, try this: Malwarebytes_Anti-Malware. It's from techpowerup's servers and comes highly recommended by me. Scan your system and get back to us with what it says (don't forget to update it first).


----------



## TheLaughingMan (Mar 12, 2010)

If it is a virus it is a Denial of Service attack.  You should start by disconnecting the internet, since that is what it is affecting and run through your usual virus routine (whatever that may be).  10 to 1 you will find some process that you didn't install trying to connect to the internet.  Stop the service, remove files related, done.


----------
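The check suggested in the replies above (find which process is talking to the network) can also be done with Windows' built-in `netstat -ano` and `tasklist /fo csv /nh`. The following is an added example, not part of the original thread: it joins the two outputs and ranks processes by number of distinct remote peers. Both sample outputs are constructed, and `example-unknown.exe` is a hypothetical process name.

```python
import csv
import io
from collections import defaultdict

# Constructed sample of `netstat -ano` output (remote addresses are documentation ranges).
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:49160        127.0.0.1:49161        ESTABLISHED     2210
  TCP    192.168.1.20:49170     203.0.113.7:80         ESTABLISHED     3120
  TCP    192.168.1.20:49171     203.0.113.8:80         ESTABLISHED     3120
  TCP    192.168.1.20:49172     198.51.100.4:8080      ESTABLISHED     3120
  TCP    192.168.1.20:49180     192.0.2.15:443         ESTABLISHED     2210
  UDP    0.0.0.0:500            *:*                                    1044
"""

# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST_SAMPLE = '''"svchost.exe","884","Services","0","5,120 K"
"firefox.exe","2210","Console","1","88,432 K"
"example-unknown.exe","3120","Console","1","3,204 K"
'''

def parse_tasklist(text):
    """Map PID -> image name from headerless CSV tasklist output."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text)) if len(r) >= 2}

def remote_connections(netstat_text):
    """Yield (pid, remote) for ESTABLISHED TCP connections to non-loopback peers."""
    for line in netstat_text.splitlines():
        f = line.split()
        # TCP rows have 5 fields; UDP rows (no state) and headers are skipped.
        if len(f) == 5 and f[0] == "TCP" and f[3] == "ESTABLISHED":
            host = f[2].rsplit(":", 1)[0]
            if host not in ("127.0.0.1", "[::1]"):
                yield int(f[4]), f[2]

def summarize(netstat_text, tasklist_text):
    """Return [(image, pid, sorted_peers)], busiest process first."""
    names = parse_tasklist(tasklist_text)
    per_pid = defaultdict(set)
    for pid, remote in remote_connections(netstat_text):
        per_pid[pid].add(remote)
    rows = [(names.get(pid, "<unknown>"), pid, sorted(p)) for pid, p in per_pid.items()]
    return sorted(rows, key=lambda r: len(r[2]), reverse=True)

if __name__ == "__main__":
    for image, pid, peers in summarize(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(f"{image:<22} pid={pid:<6} peers={len(peers)} {peers}")
```

An image name you do not recognise near the top of the list is the one to look up before stopping or removing anything.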



## Velvet Wafer (Mar 12, 2010)

TheLaughingMan said:


> If it is a virus it is a Denial of Service attack.  You should start by disconnecting the internet, since that is what it is affecting and run through your usual virus routine (whatever that may be).  10 to 1 you will find some process that you didn't install trying to connect to the internet.  Stop the service, remove files related, done.



Isn't a random DoS not designated for a specific "victim", a Teardrop?

EDIT:
Nevermind, that was in Win95 times... maybe wakkie has a personal enemy that can hack, then? Nukers don't work anymore these days, as far as I know.


----------



## TheLaughingMan (Mar 12, 2010)

Velvet Wafer said:


> Isn't a random DoS not designated for a specific "victim", a Teardrop?
> 
> EDIT:
> Nevermind, that was in Win95 times... maybe wakkie has a personal enemy that can hack, then? Nukers don't work anymore these days, as far as I know.



I don't know about Vista, but I have seen some cool DoS attacks in XP. 2 on my own personal system.

I am not saying it is being specific. He may have just got 1 computer infected and the other has not been infected. You know you use your Desktop and laptop differently. I don't even go to the same web pages on my laptop. It may not be a virus at all. It could just be a failed process in Vista that just needs to be turned off.


----------



## Velvet Wafer (Mar 12, 2010)

Velvet Wafer said:


> Isn't a random DoS not designated for a specific "victim", a Teardrop?
> 
> EDIT:
> Nevermind, that was in Win95 times... maybe wakkie has a personal enemy that can hack, then? Nukers don't work anymore these days, as far as I know.





TheLaughingMan said:


> I don't know about Vista, but I have seen some cool DoS attacks in XP. 2 on my own personal system.
> 
> I am not saying it is being specific. He may have just got 1 computer infected and the other has not been infected. You know you use your Desktop and laptop differently. I don't even go to the same web pages on my laptop. It may not be a virus at all. It could just be a failed process in Vista that just needs to be turned off.



Denial of service is a massive overflooding of a system with crap data (for example, requests), to simply crash it.
I don't think it can affect a system permanently, if it works like this:

http://www.emeraldinsight.com/fig/0460100501001.png

It's named denial of service due to what it does to the attacked system,
but I'm not that network guru; it has to do with functionalities of gigantic networks, and is far from being totally understandable by me.
BUT as far as I know, a worm can also be programmed to spread, and then carry out a massive DoS on a Backbone, or Mainframe, after a specific, programmed time (Microsoft happened that often).
When 13 million simultaneous requests hit a system, I bet you can imagine what happens ;-)


----------



## TheLaughingMan (Mar 12, 2010)

Velvet Wafer said:


> Denial of service is a massive overflooding of a system with crap data (for example, requests), to simply crash it.
> I don't think it can affect a system permanently, if it works like this:
> http://www.emeraldinsight.com/fig/0460100501001.png
> It's named denial of service due to what it does to the attacked system
> ...



DoS come in various forms. That is a network DoS, but you can have local ones as well. As long as the virus's primary goal is to prevent usage of your computer in some way by overloading it with crap data, it is a DoS. Example: I had a DoS worm that installed a fake printer on my computer. It then requested the printer to print 80,000 documents of the letter A. My computer began to queue/spool the pages and froze around 2,800 spooled documents. It then used every clock cycle of my CPU to spool, thus rendering my entire system useless.

Network DoS are just more famous because it used to be "the" way to bring down a website for hackers in the past.


----------



## Velvet Wafer (Mar 12, 2010)

TheLaughingMan said:


> DoS come in various forms. That is a network DoS, but you can have local ones as well. As long as the virus's primary goal is to prevent usage of your computer in some way by overloading it with crap data, it is a DoS. Example: I had a DoS worm that installed a fake printer on my computer. It then requested the printer to print 80,000 documents of the letter A. My computer began to queue/spool the pages and froze around 2,800 spooled documents. It then used every clock cycle of my CPU to spool, thus rendering my entire system useless.
> 
> Network DoS are just more famous because it used to be "the" way to bring down a website for hackers in the past.



Ah, again, I learned something new! Thanks!
That sounds logical, but that seems more like an evil hoax to piss off people all over the world. Some hackers seem to have a strange kind of humor/intentions.
Luckily I never was infected by such a sucker; I had my biggest problems with Sasser E, back in the days.


----------



## TheLaughingMan (Mar 12, 2010)

I personally hate fake Virus scanner viruses because stupid people fall for that BS and I have to spend 6 hours fixing it.  Then another hour explaining what AVG/Avast/Kaspersky or whatever mood I am in that day is and why SuperAntiVirus Ultimate 5 WAS the virus.

Best one ever "started a scan" on my computer and told me I had 200 viruses or some shit. First off, it started a scan without permission from a weblink, which is not possible. Second, it was a Win98 themed box.....I was using Ubuntu 7.10. I just closed the window and it never appeared again.

Anyway, let's wait and see what he reports after he, like, you know, works on fixing the issue.


----------



## wakkierob (Mar 12, 2010)

It was some sort of worm. I searched Task Manager, couldn't find anything different; checked Task Scheduler, nothing; rooted through the registry and deleted a lot of strange number keys and some other stuff. I deleted temp, temporary internet files, cookies manually. I also used the virus suite and nothing, nothing, nothing..... Then bang, it spread like wildfire and gobbled up files, corrupted startup MBR data, then internet usage maxed, probably trying to shove more in my computer, then infected my USB and corrupted all my software, bad bad bad. On my lappy I used a partition tool and migrated my file to another partition in case it did spread to USB. After, the USB dongle with storage worked fine on my desktop PC, then bang, next time I turned it on, all errors, not on the screen, but when I went to read something it would say appcrash explorer all the time when I went to install anything on any drive partition. I had to do a complete re-install three times to get back to normal and still I haven't checked whether it's gone yet, and I hope it won't explorer appcrash again. I can't install SP1 or SP2 on it, BOOOOOOOOO!!!!
I used the original Vista Upgrade CD to make a USB bootup and it works excellent on my lappy, so hopefully it will work if everything's not OK.
My biggest regret is I couldn't find out what it was. If anyone has any ideas, if it happens again maybe I can use the advice. THANKS for reading, WAKKIE!!!!

Also it would gobble up files on the way, so some programs would complain error missing or corrupted files instead of the normal??


----------



## Velvet Wafer (Mar 12, 2010)

wakkierob said:


> It was some sort of worm. I searched Task Manager, couldn't find anything different; checked Task Scheduler, nothing; rooted through the registry and deleted a lot of strange number keys and some other stuff. I deleted temp, temporary internet files, cookies manually. I also used the virus suite and nothing, nothing, nothing..... Then bang, it spread like wildfire and gobbled up files, corrupted startup MBR data, then internet usage maxed, probably trying to shove more in my computer, then infected my USB and corrupted all my software, bad bad bad. On my lappy I used a partition tool and migrated my file to another partition in case it did spread to USB. After, the USB dongle with storage worked fine on my desktop PC, then bang, next time I turned it on, all errors, not on the screen, but when I went to read something it would say appcrash explorer all the time when I went to install anything on any drive partition. I had to do a complete re-install three times to get back to normal and still I haven't checked whether it's gone yet, and I hope it won't explorer appcrash again. I can't install SP1 or SP2 on it, BOOOOOOOOO!!!!
> I used the original Vista Upgrade CD to make a USB bootup and it works excellent on my lappy, so hopefully it will work if everything's not OK.
> My biggest regret is I couldn't find out what it was. If anyone has any ideas, if it happens again maybe I can use the advice. THANKS for reading, WAKKIE!!!!
> 
> Also it would gobble up files on the way, so some programs would complain error missing or corrupted files instead of the normal??



Can it be that you somehow caught a low-level hardware virus? I never encountered one, just heard of it. Must be realllly bad!


----------

