Interesting virus…

Tags:
Microsoft Windows Vista
Security
virus
Viruses
Windows Vista
I came across an interesting virus while fixing my neighbour's laptop last night. Basically, here's what it did:

1. Replicate the desktop (Vista)
2. Spit out multiple error messages about the hard drive being corrupt.
3. Popped up a window that looked exactly like the MS "there is a fatal error, try and fix?" message.
4. Allowed you to click fix, and it would then run a diagnostic tool. The results would basically tell you the h/d, memory...pretty much everything was corrupt.
5. Disabled access to safe mode!

There were probably a few other symptoms, but that's the majority. I ended up taking out the h/d and connecting it to my pc so I could get the important user files off, then reinstalled the OS. That obviously worked fine, but I've never seen a virus like that one...it was pretty well done. The only thing that made me think it was a virus rather than a hardware failure was that it loaded with the desktop background intact, but then disabled it quickly in favour of a black screen (as opposed to getting a bsod for example). Has anyone else come across anything similar?



Software/Hardware used:
Windows Vista, Toshiba laptop
ASKED: November 16, 2011  3:19 PM
UPDATED: November 16, 2011  7:21 PM

Answer Wiki


Actually, I have seen something similar. Traced it to a reflexive DLL that compiled in GPU. I since disabled ALL ActiveX controls in IE5.5-6 and have not seen it again. I would venture a guess that it is a structured attack as I have not seen anything similar since or about it, that is, until your post. ReImage fixed the problem in my case, along with the above mentioned "Custom" Security settings in IE for ALL zones not loading ActiveX controls.

Discuss This Question: 1  Reply

 
  • Pappaous
    I also set desktop GUI to best performance to prevent GUI buffer overruns.