bnetta opened this issue on Apr 30, 2006 · 38 posts
arcady posted Sun, 30 April 2006 at 3:47 PM
It is getting into files and inserting itself in the parts of them that are 'hidden / unused'. Windows organizes data on your computer in 'blocks' that are often larger than what it fills them with. I think this is where it is hiding - so that it looks like it is not actually there. It then copies itself into all the 'exe' files on your hard drive, and then uses anything on your computer it can to send itself to any contacts you might have - mostly peer to peer such as instant messaging and warez downloaders, but I suspect a few other means as well. Many legitimate programs also have things in them that send data across the net, not always with your permission. You can probably get / receive this thing through those.

One of the problems this virus causes is to get itself into the 'wrong' parts of memory of a program, causing it to crash. It can also mess up saving of files - and it will insert itself into any 'exe' you save off the net - such as a DAZ download...

Another problem is that this virus turns your PC into a host for peer-to-peer networks, and uses up your bandwidth for that... I suspect this is behind all the router resets and slower connections I have been suffering in the past month...

I suggest getting the tool here:

http://download.drweb.com/drweb+cureit/

And running that to cure your PC. If you can, download that tool on a computer you -KNOW- is not infected. Like a Macintosh, or an OLD PC that you no longer plug into the internet... Burn it to a CD with a closed session, and run it from the CD with your PC in safe-mode -AFTER- you have also turned off system restore and deleted all your old restore points.

I also put these on my CD:

http://www.bitdefender.com/VIRUS-1000066-en--Win32.Polipos.A.html
http://www.avast.com/eng/free_virus_protectio.html

After I cured my PC, I installed 'avast' from the CD, and ran it again to see what else it could find. Likewise every time I ran drweb I also ran bitdefender - to get the opinion of two competing companies rather than just one.

One final note. Before you boot up in safe mode to clean your PC, unplug it; if there is an off switch to the power supply on the back, turn that off. If you know how to safely remove RAM chips, pull them out. Then let it sit for 5-30 minutes, until it gets cold ( :p This is overdoing it a little - 2-5 minutes usually works, but better to be safe than sorry). Then plug it in and do the cureit. The purpose of that is to clean out all the 'preserved memory' that Windows keeps around between reboots - in which this thing hides.
Truth has no value without backing by unfounded belief.