Computer Wizards... Please help!

J

Jeremy Reynolds

Joined
Jan 7, 2000
Messages
817
I got a hole of that stupid w32.badtrans virus that has been going around to a lot of BFC members. I followed the directions on Norton's site to clean the infected files... guess what? Norton sucks. They say to update antivirus: check. run scan on ALL files: check. Delete infected files: sounds easy, but the damn things don't delete because they are attached to a file that is running my computer. I know several members here have gotten this virus recently, and if any of you have figured out how to clean it out, please help me.

Mandantory Knife Content: If I can't get it taken care of, what knife is best to hack a lap top into little pieces?

Thanks.

JR
 
I suggest starting in safe mode then attempt to run your Norton virus scan. This should prevent the infected file(s) from loading.
 
for hacking apart one's computer I recommend either one of them large busses or a large TH Rinaldi...
 
Is a chainsaw considered to be a knife?


Or, since you apparently have internet access I would try running a search for this w32.badtrans thing, as sometimes you can find and download freeware that people have created to eliminate a specific virus. In my limited experience I have found this to work better than an all in one antivirus program.
 
If all else fails or you are spending too much time working on it, rebuild it. I have Bootable CD images of my system that I can reload in about 20 minutes and have a "fresh" system.

Good luck.

S.
 
Are you scanning, cleaning, ,restarting, then scanning again? Do they come back when you do this? If so try the free scan software @

http://www.pandasoftware.com/

might help. Good luck...

Edit:
Oh yes, the knife content. You probably want something big and beefy for destroying hardware, although a small disection might be more satisfiying. Probably personal preference...
 
That Badtrans virus really has me chasing my tail. The main file it screwed with is kernel32.dll. After hours and hours of pounding my head on my monitor screen and laughing hysterically I finally struck on an idea. Since Norton reported that it couldn't fix that particular file but I needed to delete it that's exactly what I tried to do. I went to Windows Explorer and located that file and as soon as I clicked on it Norton popped up with its all knowing 'hey! that file is infected with a virus!!!' infomercial and when I clicked on quarantine the file Norton finally did it. But, it created another kernel32 file with VIR for the extension. The file pic has a bug with a question mark superimposed on it now.

Well, the cornfusing part is that the kernel32.vir file is 29k in size. The new kernel32.dll file is 460k. I got a good friend to send me a copy of their uninfected kernel32.dll and it was 67 bytes! WTF??? I haven't done anything yet but I was going to rename the big new file as a bak file and copy the downloaded file into the directory and then reboot. But I got a bad feeling about doing that and decided to wait till a better idea came along. I'm still waiting and have done searches and pestered that Symantec site till they're about ready to kick me out of there. No results.

The only reason I'm fooling with it now is that my system is doing all kinds of crazy **** and I can't figure out whether to **** or go blind. I'm about ready to take a chainsaw to it and live a happier life with less distraction. But since that's not really an option I gotta figger this thing out so I can get things back to a semblance of normal.

Hey Sidewinder! How in the world do you get a CD to be bootable? And how do you mirror your drive for instant recovery in event of a crash? That sounds like magic to me. Smoke and mirrors kind of stuff. I would sure appreciate it if you could share your secret with us. I've been wondering how to back up my system to CD's for a long while now. But not enough to get really serious about it till now. Thanks for the help in advance. And I'll post any solutions I find here if I ever find any for this stinking Badtrans virus.
 
Concerning the cd "image" of your system...programs like Symantec's Ghost.

Booting from CDs...go into your bios and you have the option of which drives you want to boot from.

As to what Sidewinder is specifically using, he'll have to elaborate--I'm just another user surrounded by smart people;)

regards,
Glenmore
 
I just posted the same thread in "community"! I can't get rid of this virus. I followed ALL the online instructions on how to delete THIS specific virus and Norton CAN"T do it!! This is really pissing me off!! What do I do?
 
BadTrans computer virus strikes

A sneaky Windows computer virus is circulating that tries to install software that monitors what users are typing and passes it to the malicious program's creator.

Like many of the other computer viruses that have struck in recent months, BadTrans-B attempts to spread by exploiting weaknesses in Microsoft e-mail programs.

One anti-virus company has caught over 20,000 copies of the virus in the last 24 hours.

The UK, Germany and US are the countries most seriously infected by the virus.

Old holes

The BadTrans-B virus is spreading swiftly because, unlike many other e-mail viruses, the pernicious payload that helps it raid Microsoft Outlook address books does not have to be clicked on to set it off.

Simply previewing the item could cause infection. The loophole the virus exploits was first discovered in early 2001.

Badtrans-B file names

humour
docs
s3msong
me_nude
card
searchurl
you_are_fat!
news_doc
images
pics

"It's baffling to find that even though Microsoft secured that hole eight months ago, many users have still not applied the patch," said Graham Cluley of anti-virus firm Sophos.

When the virus mails itself to the contacts in the address books it raids, the virus uses a subject line from an existing message to make it appear to be a legitimate reply.

The virus also regularly swaps the name of the attachment travelling with it, in an attempt to conceal its pernicious payload.

BadTrans-B is a variant of the original BadTrans virus that was first discovered in April.

BT Openworld error

As well as raiding Outlook and Outlook Express address books, the virus also tries to implant a hidden program that tries to send an identifying net address to the author of the virus.

The hidden program also monitors what users are typing and the information it tracks could be used by a malicious hacker to steal credit card information or passwords for websites.

Britain seems to have been hit hard by the BadTrans-B Windows virus. Anti-virus firm Message Labs, which logs the numbers of pernicious programs it traps, has caught over 21,000 copies of BadTrans-B in the last 24 hours. Over 50% of these originated in Britain.

The spread of the virus was inadvertently helped by BT Openworld, which accidentally e-mailed a copy of the virus to its customers.

Internet links:

Sophos http://www.sophos.com/
Symantec http://www.symantec.com/
Message Labs http://www.messagelabs.com/
McAfee http://www.mcafee.com/
 
You must log in or register to reply here.
Back
Top