Ultimate RC - Forum Archives

Okay, so at some point in my escapades on Kazaa yesterday I got some sort of odd file claiming to be a No-CD crack for Red Alert 2. Since I lost my CD and gave the Allied CD to my friend, I figured it was worth a shot. I ran Norton (with definitions updated that day) on the file before running it. After running it, nothing happened except about 40 new (fake) programs appeared in my shared folder.

So, I deleted all of them. A few minutes later, I tried to open Task manager via Ctrl-Alt-Del. Nothing happened. So I tried again. This time it blinked in and out so quickly that I couldn't see anything. I decided to do a full Norton system scan. An hour later, it finished and had found nothing on either hard drive.

I tried to run msconfig to see what was loading with the computer since I had restarted several times and still not been able to run Task Manager. msconfig won't load either. I tried the other user profile on this computer and met with similar failure. I also discovered that I could take a screenshot of the running processes when Task Manager popped up via the nifty Print Scrn function of XP. After getting a shot of the processes, I looked them all up. All are genuine. What the...?

Finally, I restarted in safe mode. Everything worked fine. I turned off the only unfamiliar process in msconfig and found nothing strange in Task Manager. Restart. Same problem. Any ideas?

Sounds like you might have some sort of trojan dropper! I dunno though, I could be wrong! 0]

Make sure you don't type any passwords into any sites while this thing is active. It could have a network-aware keylogger...

i have a similiar problem: i never had a virus prior to this (thank you norton), but yesterday i got a winlogon.exe virus somehow. it puts links to porn sites on my favorites list, and my homepage is bizonio.com/find. this really annoys me because i cannot delete the links or change my homepage. it all goes back when restarted. i found the exe file, and tried to delete it, but it wouldnt let me do it. i even tried to do it from startup in programs, but still no dice.

arif

Arif does it say somehting like "Cannot delete, it may be in use by another process or application"


ND4, cant help ya sorry.

yea, exactly. how do i delete the file that makes it run?

Open the Task manager and see what processes are running. There you should be able to end the process.

Marcus, that sounds really bad. If no XP function or Norton scan is working, you have a serious problem. If it comes to formatting the hard drive, I can bring my external drive over for backup (faster than the network).

i tried, it says that this is a critical system process. task manager cannot end this process.

madrusty289 said:
Marcus, that sounds really bad. If no XP function or Norton scan is working, you have a serious problem. If it comes to formatting the hard drive, I can bring my external drive over for backup (faster than the network).
XP is working, everything but msconfig and Task Manager. As for Norton, it works, but apparently there's no virus.

I was actually considering wiping the drive and reinstalling Windows on my huge drive instead of the tiny one. Thanks for the help...I'll call you if we're gonna have an fdisk party. :lol:

Fdisk party at Marcus' house! :rollin:

Ah, the virus?trojan? knows exactly where it hurts you most- by disabling the functions that can destroy it.

Arif, run in safe mode, and you should be able to delete it because foreign startup items wont start up in safe mode.

the only solutions to your problems is to format the HDD, i've got a great tut. on it!

but, it's on my laptop.

there is a tut on www.annoyances.org