Results 1 to 5 of 5

Thread: Can't recall virus reference

  1. #1
    Near Life Experienced TZ Veteran zipp51's Avatar
    Join Date
    Oct 2002
    Location
    Massachusetts
    Posts
    1,101

    Can't recall virus reference

    I built a computer for my nefew and I got a call last night that he was having trouble booting.While in windows,he says that the mouse pointer moves all by itself.He thinks he has a virus and I recall someone mentioning that symptom somewhere.He can't get into the recovery console,and the system is hanging trying to find the Primary slave drive.Earlier errors included a missing NTLDR file,but that doesn't even show up now.Anybody have any ideas or comments?
    The definition of insanity is doing the same thing over and over again and expecting different results.

  2. #2
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    It sounds like you have more than one problem. There are many Trojans that can allow someone to remotely control your mouse but if you are not detecting a drive in the boot phase then either the drive is faulty or the naughty person who took control may have zeroed the bootsector - that's nasty and spiteful.

    Disconnect the Primary slave and reboot - see what happens.
    I'm using Windows 7 - you got a problem with that?

  3. #3
    Near Life Experienced TZ Veteran zipp51's Avatar
    Join Date
    Oct 2002
    Location
    Massachusetts
    Posts
    1,101
    Thanks Curio,you seem knowledgeable about the seamy world of Viruses.I had my Nefew redetect the drive in the bios and it booted into windows,then the mouse pointer went wild again,programs loaded slowly and upon reboot we are looking for the Primary slave again.Even the recovery disks that I made won't boot.However the recovery partition did work,but after a full destructive restore the same symtoms started to appear slowly.I wonder if a trojan could hide itself in a partition made by itself and execute with just a start up?Hmmm.
    The definition of insanity is doing the same thing over and over again and expecting different results.

  4. #4
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    I know it sounds stupid but it could just be a faulty mouse, I had a client the other day with a faulty keyboard which did all wonderful things. It turned out that when you pressed the ALT key it locked down so everything you did after that was ALT+"whatever" she really thought she had a virus but as soon as she tried a new keyboard it all was OK.

    If you have done a wipe/reload procedure with a full re-install then there is no way for a malicious program to be started automatically, it needs to be added to the registry or a start up folder/file for that to happen. Well I say no way - there is one way but I have never seen it done. If you can obtain a Knoppix or PEBuilder disk to boot from the CDrom drive you can narrow it down to hardware or software, that is the best troubleshooting step as you are booting form a fixed and known good set of system files.

    PEBuilder can be downloaded from www.nu2.nu/pebuilder it's only a small download but you need a copy of the Windows XP disk to use in the creation of a PEBuilder disk.
    I'm using Windows 7 - you got a problem with that?

  5. #5
    Near Life Experienced TZ Veteran zipp51's Avatar
    Join Date
    Oct 2002
    Location
    Massachusetts
    Posts
    1,101
    My next step is to bring my IT tools and try to rebuild the MBR and or replace the NTLDR and i386\NTDETECT.COM files.But first,yes I will try a new mouse and keyboard. He lives about 115 miles from my house so it will be awhile.
    The definition of insanity is doing the same thing over and over again and expecting different results.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •