Viruses RIGHT after reinstall?

[IceWilly]

This is bizarre. I am helping a friend and right after i freshly install windows from my legit disk and install a legit norton antivirus it pops up with Serious viruses in system files. I have never heard of this happening and have no idea how to fix it. It also says the install of windows is damaged as you may have seen in my other post...

 

[Andyman902042]

Was it connected to the internet during/after install?

 

[{PMS}fishy]

What is it finding for viruses? That does seem very weird.

 

[Permanoob]

Like AndyMan was thinking it could have been hooked up to the network and the virus propegated shortly after install. It could also be resident in the master boot record.

 

[IceWilly]

Others have mentioned the master boot record, how common are viruses that do that kind of thing, and how would i get rid of them.
Also the computer was hooked up to the internet. But i am talking about a span of like 2 mins here. And it has given me similar problems before. I def wasn't because it was hooked up to the internet. I think the Mbr idea is probably whats going on.

Man this is just a normal girl from school that barely knows how to write an email. Lol, how did all this happen to her computer?

 

[Andyman902042]

If it's an MBR virus heres how to fix it:

1.boot to the windows xp install CD

2.press r to go to the recovery console

3.Type fixmbr and press enter

This will write a clean MBR to the disk.

 

[stool]

It doesn't take long. The last install I tried prior to this one, I got nailed before I could even DL the needed updates and antivirus stuff I needed.

 

[Dubbin1]

it pops up with Serious viruses in system files.

Well, you did install a Microsoft product

I have heard of people getting a virus while hooked up to the net when installing widows.

 

[Xenon74]

Either computer was infected with some virus or trojan exploiting the RPC/DCOM vulnerability or maybe firewall feature was not checked at install and all ports were open to attackers. Then someone scanned this computer's IP or even ISP IP range and gained remote access which enabled him to install the virus/trojan. Although I think enabling MS firewall woudn't help.

I have static IP and my ports are constantly scanned from outside Mostly IPs from Poland, France and S.Korea.

 

[invisible hand]

When I re-installed XP I ended up getting 3 viruses within seconds of being connected to the net! I had Norton running and it quarantined them. The second time, I installed ZoneAlarm before connecting to the net and the viruses came again but were easliy removed with Norton.

Would this be an example of an MBR virus? Can viruses be fully removed like this, or will this happen every time I install the OS?

 

[IceWilly]

FYI: it was an Mbr virus. I went to the recovery console and it said the mbr was "damaged" so that was my problem. I cleared the mbr and installed no probs. Still says the windows install is damaged tho....

thx all

 

[amazon10x]

I would reinstall the windows install. You don't want to use a damaged OS and say it works fine now and then later down the road realize it doesnt

 

[IceWilly]

I reinstalled and repaired at least 5x each. Always turns out damaged. I have no option except to leave it like that.

 

[theguywiththeha]

this happens with me and windows 2000pro even after i put service pack 4 and blaster update before i connect

 

[mookbuster]

Long shot here but did you happen to actually turn off the computer so any memory resident virii would cease to exist, then cleanse the mbr using a boot disk?

I remember back in the day the Stealth virus had me going around in circles for weeks, my first run in with a virus.

 

[secretweapon]

Disconnect from the internet when installing windows xp. Then install antivirus program. Connect to the internet after antivirus is installed and update virus definitions. After that move on to updating windows security & critical updates. Now put up a firewall and you'll be safe. I recent went through the same thing on one of my comps, the new viruses will hit you right as ur installing if comp is connected to the internet.