Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Dr. Watson Postmortem Virus!

Author
Message
Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 16th Mar 2005 10:22 Edited at: 11th Apr 2005 05:45
IMPORTANT!

There's a new virus on the net, and I was lucky enough to tango with it for the past three days. I'm making this post to inform all of you to keep your eyes open for it and I strongly suggest you print this thread and keep it near your computer just to be on the safe side.

How do you contract this virus?

These are the three methods that I'm aware of. The top is what got me in this mess, but hey, that's what I get for using my computer in bad ways:
(1) Illegally downloading movies (woops!), music, programs, or product keys using Bearshare, Kazaa, or probably any other P2P network
(2) Looking at pornographic websites
(3) Opening e-mails from unknown sources (I hope that's a given, though)

What does it do?

This virus infects and duplicates itself in files that pretend they belong to your operating system. From what I can tell, this is only a problem for XP users with SP2 installed. The virus de-activates (or otherwise tampers with) an old program packaged with XP called the Doctor Watson Postmortem Debugger. When the virus strikes, it locks your desktop, freezes the taskbar (from start to the system clock... the whole thing!) and continuously attempts to send an error report to Microsoft about the postmortem debugger. Even *if* you can run your anti-virus, and your anti-spyware/ adware stuff, the virus duplicates itself again and stays infested!

How do you get rid of it?

It took me forever to find the steps to get rid of this virus. Luckily I found a thread that speaks specifically about it. I'll give you all a link to said thread, but for some people who get this virus they can't access the internet in the first place (or anything else), so here's how to get back online, and what to do when you gain temporary control:

(1) on the desktop press ctrl+alt+del
(2) Under the "applications" tab (which should be open already), click "New Task"
(3) Type in "msconfig" (without the "" of course), and hit enter
(4) click on the "boot.ini" tab
(5) click SAFEBOOT, then click "networking" (this will boot your computer in safe mode, but give you access to the internet, which you will need!)
(6) When it asks you to reboot, say "yes"
(7) Go to the thread I posted below, read it in its entirety, and perform the steps they listed to remove the virus. It's somewhat complicated for less-experienced individuals, but it really is the only option you have. No virus detection/ deletion service or software can get rid of the nasty little bugger, so you'll have to stay on your toes when performing the tasks they explain to you. The link is:
http://www.thenerdnetwork.net/forums/viewtopic.php?t=3086&highlight=

I really hope this helps some of you if your PC gets sick with this virus! I figured all of you should be forwarned about the virus, seeing as how this site is full of tech-savvy individuals who spend far too much time on the net, hehe. Hopefully none of you will ever need this thread, but in the event you do, I hope I helped you in some way!

- Matt Rock

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
Mattman
21
Years of Service
User Offline
Joined: 5th Jun 2003
Location: East Lansing
Posted: 16th Mar 2005 10:26
How do you get a virus from VIEWING a site?

Have you ever met a girl that you tried to date, But instead of make love she wanted you to wait
Let me tell ya a story of my situation, I was talkin’ to this girl from the u.s. nation
Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 16th Mar 2005 10:34
I'm no expert in pornographic websites (my girlfriend would tear me into tiny bits and distribute the leftover chunks to hungry park animals), but to help me answer your question I asked an "expert" from Yahoo, who quickly replied telling me that pornographic websites have pop-ups that can upload stuff to your computer without prompting either you OR Windows XP. The most common programs of this nature are called Dialers... I'm not sure what exactly a dialer is, but from the way this guy describes it, it sounds really, really bad. This virus apparently infiltrates your computer through software similar to dialers. Hence, you get this really sinister virus that's a pain in the [expletive deleted] to get rid of!

-Matt Rock

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
Eric T
21
Years of Service
User Offline
Joined: 7th Apr 2003
Location: My location is where I am at this time.
Posted: 16th Mar 2005 12:47
A dialer uses a dial-up modem to dial up a number and make you responsible for all the charges it leaves. It also downloads some spyware and such from that number.

Luckily, my porn sites are ones that are clean as a whistle normally, and using a popup blocker or firefox can keep you safe.

Joe bless good porn.

Shadow Angel
20
Years of Service
User Offline
Joined: 28th Oct 2004
Location: UNKNOWN LOCATION
Posted: 18th Mar 2005 04:36
NO WAIT!

I got this to, when I launch up Windows, it comes up
with something saying: "It's not working properly"

Is that what you're trying to say?

~ { [ Ali M ] } ~
Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 18th Mar 2005 05:18
Wait, what comes up and says that what isn't working? If you have the virus I'm talking about, the error is related to the dr watson postmortem debugger. If you're getting an error message like that, you should go read the thread that my first post links to and you should do it right away. The virus gets worse and worse as you run antivirus and anti-spy/ad/malware programs... you have to follow the steps that this guy names or the virus will have its way with your computer the way it did with my Vaio PC. Hope this helped, and I'll c&p the link one more time for you here:

[href]http://www.thenerdnetwork.net/forums/viewtopic.php?t=3086&highlight=

Good luck with it, if that is indeed what you've got!

-Matt Rock

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
SageTech
19
Years of Service
User Offline
Joined: 3rd Dec 2004
Location: Orlando, Florida
Posted: 18th Mar 2005 05:32
hmmm, i had to tango with a dialer recently (i was looking at crack sites for serial numbers to simcity, which linked me to pr0n) anyway we got charges for phone calls to the uk.

Sage Tech Manager
Osiris
20
Years of Service
User Offline
Joined: 6th Aug 2004
Location: Robbinsdale, MN
Posted: 18th Mar 2005 05:53
HAHAHAHA!!!!!

Neofish
20
Years of Service
User Offline
Joined: 7th Apr 2004
Location: A swimming pool of coke
Posted: 18th Mar 2005 06:16
serves you right really...dont u notice when ur modem dials [a different number]

:: AphoticVM oGL Plugin : 0.001% Complete (v0.0.0.1) ::
Osiris
20
Years of Service
User Offline
Joined: 6th Aug 2004
Location: Robbinsdale, MN
Posted: 18th Mar 2005 08:00
It also serves him right for looks at crack websites.

indi
22
Years of Service
User Offline
Joined: 26th Aug 2002
Location: Earth, Brisbane, Australia
Posted: 18th Mar 2005 08:28
crackprondialupwhore <--future noun in dictionary

If no-one gives your an answer to a question you have asked, consider:- Is your question clear.- Did you ask nicely.- Are you showing any effort to solve the problem yourself
Eric T
21
Years of Service
User Offline
Joined: 7th Apr 2003
Location: My location is where I am at this time.
Posted: 18th Mar 2005 08:36
/me laughs at Sage Tech then gets back to his pr0n.

koolaid 2764
21
Years of Service
User Offline
Joined: 30th Sep 2003
Location: Atlanta, Georgia
Posted: 18th Mar 2005 08:45
ah the dreaded virus i just got a encounter with it not on my own pc of course i know better i was fixing a cpu for a customer who had that virus.

KOOLAID
Wiggett
21
Years of Service
User Offline
Joined: 31st May 2003
Location: Australia
Posted: 18th Mar 2005 08:48
lukcy i got a cable modem, no dialing at all! and i download huge pr0n and warez. but not thru kazaa, thats just silly.

Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 19th Mar 2005 05:43
Quote: "ah the dreaded virus i just got a encounter with it "


Yay! I'm helping people! hehe. I knew this thread would come in handy. My work here is done *morphs into a turtle and rockets into space*

Quote: " lukcy i got a cable modem, no dialing at all! "


So what does the dialer do if you have cable or a T1-3? Just wastes space on your HD? How do you get rid of it? Is it something you can see, with a GUI or something, or is it just a background program? Sorry to bombard you guys with questions, but I'd never heard of dialers before this mess and it might come in handy to know a thing or two about this stuff.

-Matt Rock

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
IanG
20
Years of Service
User Offline
Joined: 25th Sep 2004
Location: Cyberspace
Posted: 19th Mar 2005 06:47
dialiers work with modems of the 56k kind, what they do is overide the settings of your modem (say you connect to aol thru dialup) and replace it for their own (which will be like a £20 per min) they are hidden programs and often inside others, they have no gui and if you have a cable connection i dont think it will do anything at all

Used to be Phoenix_insane registered in september 2003 despite what the date says to the left <--
PC - amd athlon 2.0ghz, 512mb, GeForce FX 5200 128mb, 200gb, xp pro sp2
Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 19th Mar 2005 10:53
ty Ian Even if I were into porn like (what seems like) everyone else on the TGC forums I wouldn't have to worry about dialers, 768 cable here, hehe.

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
Osiris
20
Years of Service
User Offline
Joined: 6th Aug 2004
Location: Robbinsdale, MN
Posted: 20th Mar 2005 08:56
T-3 here

Matt Rock
19
Years of Service
User Offline
Joined: 5th Mar 2005
Location: Binghamton NY USA
Posted: 20th Mar 2005 09:34
Grrr, lucky! How much does a T-3 line cost anyway? I want one! Cable 768 is the fastest cable, to my knowledge anyway, but I need more bandwidth... we have four computers and two playstation 2's sharing a wireless router, and when you have six different things accessing the internet at the same time, four of which are pretty high end machines sending monsterous BSP files back and fourth, it gets pretty taxing on bandwidth. Who do I even call to get a T-3 line?

- Matt Rock

"Hell is an Irish Pub where it's St. Patrick's Day all of the time." ~ Christopher, *The Soprano's*
Daniel Kelly
19
Years of Service
User Offline
Joined: 26th Mar 2005
Location:
Posted: 27th Mar 2005 04:03
Yes, I wrote a very large article on this. And your forum went ahead and removed it because I didnt have my forum profile or whatever. That just made me angry.

I am the person who wrote the solution for the DrWatson error.

Its no use writing again because of your poor forum.

Good luck with this virus. I will not be back.

Daniel Kelly
Daniel Kelly
19
Years of Service
User Offline
Joined: 26th Mar 2005
Location:
Posted: 27th Mar 2005 04:04
this forum sucks, it removes half the posts. I wont even try again.

Bye.

Dan Kelly
solution writer for the DrWatson error

Login to post a reply

Server time is: 2024-11-27 04:35:24
Your offset time is: 2024-11-27 04:35:24