duncan Posted January 3, 2011 Report Share Posted January 3, 2011 Tricky Christmas Present. After a few months with no malware detections. Running MSE, Immunet and Comodo as well as various on-demand scanners. I started getting an error on bootup which refered to ‘autochek.exe not found’. After a few hours on the net researching this error I managed to download a batch file that replaced ‘BootExecute’ in the registry (which was what the problem seemed to refer to). This got rid of the error and all seemed ok. Meanwhile ‘this error’ had stopped me doing a system backup as the backup software I was using reboots the system and starts backup from startup. This would not work as the ‘autochek error’ was stopping a normal reboot. So I downloaded ‘Easeus Backup’ and did a full system backup to a spare drive from windows. After running autoruns and disabling a few suspect autostart programs. I then ran 3 scanners at the same time and went to bed. The next morning I checked the scanner logs and there was a virus deleted namely ‘Worm:Win32/Conficker.B!inf’ log states: Category: Worm Description: This program is dangerous and self-propagates over a network connection. Recommended action: Remove this software immediately. Items: containerfile:E:\autorun.inf file:E:\autorun.inf->(UTF-16LE) "" Info on this ‘Worm’ below To cut a long story short, it infected my main system drive, stopped me making a backup, then disabled and made unusable my spare drive (backup drive). So I was left with an infected drive and an unusable backup drive. It took a lot of messing around to remount my backup drive and then format it. I also had to use windows recovery console from CD to do a proper chkdsk as the worm disabled chkdsk from working on my system drive. I then made a complete backup with ‘Easeus’ to my remounted backup drive. Had I not caught, removed and fixed the damage that this worm did. I could be sitting here now with no system drive, no backup drive, months of work and data lost, etc.... Close shave and thats with full security software, firewall etc. And a full recent system backup. Well I have a clean up-to-date, working system and a full clean, working, up-to-date backup again now. Watch the video which shows 3 malware scanners running at the same time on my fairly basic system and note that MSE, Immunet and comodo are all running as well. (video is only 4meg so is low res) http://www.youtube.com/watch?v=bAgbDuP5YNM Read the virus report and bulletin and notice how it stops you from accesing anti-malware etc. http://www.microsoft...n/MS08-067.mspx http://www.microsoft...atid=2147618577 One last thing > running these 2 anti-virus and 1 firewall programs does not use much system resources and other than a slow startup you would not really know that they are active. get all the good free security software here Have a Happy and Safe New Year. Windows XP - sp3 AMD Sempron 2600+ 1.5 gig ram 128mb video card 3G internet connection Opera 11 Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.