Virus

Posted by: Debbie D.

Virus - 12/28/09 06:06 AM

Hey all, I hope this is the right forum to put this in. I desperately need help. I have a MacBook with Leopard and I'm running Parallels with Windows XP. I have a virus on the XP side. Now, I can't log on to Windows. The virus is the log on log off loop or perhaps I should say that is a symptom of the virus. I'm having issues getting in touch with Parallels support. Does anyone have the solution or suggestions on what to do? PLEASE HELP!!!!
Posted by: Debbie D.

Re: Virus - 12/28/09 06:06 AM

Debbie D.
Posted by: MacBozo

Re: Virus - 12/28/09 06:15 AM

I think the standard procedure is to erase and reinstall Windows at this point. I'm surprised you didn't have a good anti-virus app installed and up to date.
Posted by: Jim_

Re: Virus - 12/28/09 06:15 AM

You'll have to start in Safe Boot mode, fn+F8, or maybe just keep tapping F8.

To get rid of the virus though you'd have to have a CD ready with some anti-virus software to install. AVG Free is a good start.

Google xp log on log off loop to get more tips on removing the malware, could be a number of things.
Posted by: Debbie D.

Re: Virus - 12/28/09 08:49 PM

I have AVG Free installed BEFORE I got the virus. I selected a link from FaceBook opened in Safari and that was all it took. It automatically started Parallels and Windows and it went haywire from there. I've already reinstalled Windows, so what I really need is my documents and my outlook file. I just don't know how to find those. It's not like taking the hard drive out of a pc and putting it in an external enclosure. I can do that, but I can't just go in and access files. Any suggestions on this end?


Debbie D.
Posted by: Jim_

Re: Virus - 12/28/09 09:37 PM

Did you try Safe Boot?
Posted by: TCPMeta

Re: Virus - 12/29/09 10:27 AM

Boot from the CD and select repair when it comes up with the install options. Doubt it's a virus, sounds more like a crippled system file or a registry entry got lost.
Posted by: Jim_

Re: Virus - 12/29/09 12:12 PM

She did say she reinstalled Windows though. Wouldn't do the same thing plus a bit more? I know enough about Windows to be dangerous.
Posted by: TCPMeta

Re: Virus - 12/29/09 09:57 PM

I didn't see Debbie's second post.

Odd how it could launch Parallels like that. Ether way there should be a way to mount the virtual partition. If you cant mount it with in OSX why not create a second virtual system and mount the virtual partition that has the files you want as a secondary slave partition?
Posted by: Jim_

Re: Virus - 12/29/09 10:43 PM

Originally Posted By: TCPMeta
If you cant mount it with in OSX why not create a second virtual system and mount the virtual partition that has the files you want as a secondary slave partition?
I can see mounting it as a slave when in windows, in other words making a new Windows partition, boot from it, then access the problem partition to get the data.

I don't know if it's possible to mount the .hdd image on X natively yet.

I did it a couple of years ago but it involved first converting the .hdd to one format, then to another, so the Finder could mount it read only, then I was able to recover the customer's Quickbooks file. It took hours to do the conversions. I had to temporarily install some kernel extensions to read and manipulate the formats. I had some notes, I'll have to see if I can find them. I'm just wondering if there's not an easier way now, I haven't ran across the need to since then.
Posted by: TCPMeta

Re: Virus - 12/30/09 07:11 AM

The MacFUSE project should work. Enables 3rd party file systems to be mountable and since parallels uses a .hdd extension you could mount it manually via the terminal window with the mount command and with the NTFS syntax.