Virus? how does it even exist? by M73A on 03-26-2009 at 07:15 PM

Antivirus: Nod32

Windows: XP

I don't have an E: drive, but my antivirus says autorun.inf is infected with a worm, it's come up a few times now...

screenshot:



[Image: attachment.php?pid=957544]


RE: Virus? how does it even exist? by Menthix on 03-26-2009 at 07:37 PM

Does it do anything when you type "E:\" in explorer manually (without the quotes)?

Might also have been a removable drive (USB device?), or worst case a virus hiding on its own virtual drive.


RE: Virus? how does it even exist? by MeEtc on 03-26-2009 at 07:39 PM

Start > Run > diskmgmt.msc

Some disks ship with a hidden recovery partition. If you look on there, it will show you if there are any hidden partitions on the disk.


RE: Virus? how does it even exist? by M73A on 03-26-2009 at 08:13 PM

quote:
Originally posted by Menthix
Does it do anything when you type "E:\" in explorer manually (without the quotes)?

Might also have been a removable drive (USB device?), or worst case a virus hiding on its own virtual drive.

hm my parents don't have pen drives, although the printer has a memory card slot that shows up.

but that wasn't on when this virus alert appeared last...


quote:
Originally posted by MeEtc
Start > Run > diskmgmt.msc

Some disks ship with a hidden recovery partition. If you look on there, it will show you if there are any hidden partitions on the disk.

just C: and D:

....

well I'm running in depth scans and stuff now so... hmmmm!


RE: Virus? how does it even exist? by ShawnZ on 03-26-2009 at 08:15 PM

ahahah you have a rootkit

quote:
Originally posted by James Potter
ESET Nod32 sucks! =[
Go for BitDefender Total Security, it is an utterly professional Antivirus solution and stuff. Moreover, if you PM me, you might be able to obtain a method to get it working for 4,000 days. ;)

nod32 is WAYYYYYYYYY better than bitdefender.


RE: Virus? how does it even exist? by M73A on 03-26-2009 at 09:34 PM

is it a rootkit then?


RE: Virus? how does it even exist? by kezz on 03-27-2009 at 10:45 AM

Back on topic please.

The only thing I can think of is the earlier suggestion of a removable storage device. Those usually have an autorun file as well.


RE: Virus? how does it even exist? by TheSteve on 03-27-2009 at 03:00 PM

If you open the command prompt and type
c:\folder\you\are\in> e:

does it change to drive e or say invalid drive?


RE: Virus? how does it even exist? by M73A on 03-27-2009 at 09:59 PM

will see if the problem persists


RE: Virus? how does it even exist? by M73A on 04-01-2009 at 06:36 PM

Right well, the virus is:
Win32/Autorun.Agent.JM Worm

It pops up whenever a USB device (even my printer which has removable storage) is turned on / plugged in to the computer.

When the device is in, the warning message comes up, saying it has been moved to quarantine, but closing it, it will come back a few seconds later.

Googling just took me to a list of viruses that NOD32 virus now finds in its updates.... nothing about removing it.

Can anyone help with this?

thanks



RE: Virus? how does it even exist? by Quantum on 04-01-2009 at 06:54 PM

Win32/Autorun.Agent.JM Worm

That's usually a pen drive virus (or any device that can autorun). As soon as you put an infected pen drive into your computer it copies a lot of sensitive information (like passwords, settings or configs etc) onto the removable secretly.

Disabling 'Autorun' fixes this.

http://www.scribd.com/doc/2353773/Step-By-Step-Ma...lete-Autorun-Virus

Goooooood Luck.


RE: RE: Virus? how does it even exist? by CookieRevised on 04-01-2009 at 08:01 PM

quote:
Originally posted by Quantum
Win32/Autorun.Agent.JM Worm

That's usually a pen drive virus (or any device that can autorun). As soon as you put an infected pen drive into your computer it copies a lot of sensitive information (like passwords, settings or configs etc) onto the removable secretly.

Disabling 'Autorun' fixes this.

http://www.scribd.com/doc/2353773/Step-By-Step-Ma...lete-Autorun-Virus

Those instructions are for one particular AutoRun virus (and it isn't mentioned anywhere which one), so are you sure those are the instructions for the virus M73A has??

Each AutoRun virus works in a slightly different way and thus will have slightly different things you need to do to remove it. Also, each of those viruses has probably many variants which probably use different files...

And after a quick search on the net it confirms my remark that the above instructions are not for the particular virus M73A has.

eg: one variant: http://vil.nai.com/vil/content/v_142684.htm

There are at least 16 variants of this virus, M73A has the JM variant according to his previous post.


RE: Virus? how does it even exist? by M73A on 04-02-2009 at 05:04 PM

so any idea what should be my next course of action? :P

am I looking at a format?

edit:

could be iPod related