PC completely virus-ridden!

[greencreeper]

Hmmm. I've encountered Vundo before. Used a tool to get rid of it. Might still have a copy on my PC at work. Will check.

First off, I run Windows Update - patch the PC up to date. And install, immunise, and run Spybot. Otherwise you're just jelly juggling. Next I remove the girlware (free pretty desktop wallpapers, shopping toolbar thingy...) from Add/Remove Programs. Full virus scan. I use Spybot's tools to look at the BHO/ActiveX objects and delete any I don't like the look of. If they magically re-appear, I know it's bad. I also look at the startup list - Spybot shows you all the available startup locations (there are a lot). I go after dodgy DLLs (those mentioned in the startup list and BHO/ActiveX objects) using Processor Explorer and Movefile. See here - http://technet.microsoft.com/en-gb/s.../bb545046.aspx

It's always a major job - can take hours. If you have a backup of your data, a rebuild is likely to be quicker and guarantees the PC is clean.

[CableWoman]

Hey Nugg!!

I was talking with someone in Symantec (I had a short question) and I commented your case as well.

1st you need to be sure the virus defs are up to date. You can download the latest version using Intelligent Updater from http://www.symantec.com/avcenter/dow...es/US-N95.html.
Then go to the safe mode and run "navw32 -a" from Start menu->Run. This will launch full system scan again. In case you find any infection, put down which threats are present.
You can trust Norton when it says it was resolved. If you don't feel confident you can always check the load points for those threats to see they are gone.

Hope everything is ok
Fennella

[Nugget]

Quote:

Originally Posted by CableWoman

Hey Nugg!!

I was talking with someone in Symantec (I had a short question) and I commented your case as well.

1st you need to be sure the virus defs are up to date. You can download the latest version using Intelligent Updater from http://www.symantec.com/avcenter/dow...es/US-N95.html.
Then go to the safe mode and run "navw32 -a" from Start menu->Run. This will launch full system scan again. In case you find any infection, put down which threats are present.
You can trust Norton when it says it was resolved. If you don't feel confident you can always check the load points for those threats to see they are gone.

Hope everything is ok
Fennella

Thanks for that

I've actually reformatted it now, and everything's sorted. I've also got rid of Norton, 'cos it just went mad, and allowed everything in by the end of it...

[David F]

Quote:

Originally Posted by CableWoman

Hey Nugg!!

I was talking with someone in Symantec (I had a short question) and I commented your case as well.

1st you need to be sure the virus defs are up to date. You can download the latest version using Intelligent Updater from http://www.symantec.com/avcenter/dow...es/US-N95.html.
Then go to the safe mode and run "navw32 -a" from Start menu->Run. This will launch full system scan again. In case you find any infection, put down which threats are present.
You can trust Norton when it says it was resolved. If you don't feel confident you can always check the load points for those threats to see they are gone.

Hope everything is ok
Fennella

Dont spose you asked them why their product is poop ?

[GoldenBoar]

Quote:

Originally Posted by Nugget

Thanks for that

I've actually reformatted it now, and everything's sorted. I've also got rid of Norton, 'cos it just went mad, and allowed everything in by the end of it...

Good decision. Norton is garbage. Stick to the freeware.

Anti-Virus - pick one only
AVG
Avast
Avira

Anti-spyware
Spybot Search & Destroy (basic real-time)(avoid TeaTimer)
Adaware
A-squared
Spyware Terminator (Real-time)
SUPERAntiSpyware
Spyware Doctor (basic real-time)(If you're PC can run it)

Personal Firewall
Comodo

---------- Post added at 15:01 ---------- Previous post was at 14:55 ----------

Quote:

Originally Posted by greencreeper

Hmmm. I've encountered Vundo before. Used a tool to get rid of it. Might still have a copy on my PC at work. Will check.

First off, I run Windows Update - patch the PC up to date. And install, immunise, and run Spybot. Otherwise you're just jelly juggling. Next I remove the girlware (free pretty desktop wallpapers, shopping toolbar thingy...) from Add/Remove Programs. Full virus scan. I use Spybot's tools to look at the BHO/ActiveX objects and delete any I don't like the look of. If they magically re-appear, I know it's bad. I also look at the startup list - Spybot shows you all the available startup locations (there are a lot). I go after dodgy DLLs (those mentioned in the startup list and BHO/ActiveX objects) using Processor Explorer and Movefile. See here - http://technet.microsoft.com/en-gb/s.../bb545046.aspx

It's always a major job - can take hours. If you have a backup of your data, a rebuild is likely to be quicker and guarantees the PC is clean.

Here are the name of the Vundo Removal tools
VundoFix.exe
VirtumundoBeGone.exe

and smitfraud removal tools,

SmitfraudFix.exe - anti-virus may complain, it's a false positive though.
smitRem.exe

another good removal tool is SDFix.exe

[Nugget]

Quote:

Originally Posted by GoldenBoar

Good decision. Norton is garbage. Stick to the freeware.

Anti-Virus - pick one only
AVG
Avast
Avira

Anti-spyware
Spybot Search & Destroy (basic real-time)(avoid TeaTimer)
Adaware
A-squared
Spyware Terminator (Real-time)
SUPERAntiSpyware
Spyware Doctor (basic real-time)(If you're PC can run it)

Personal Firewall
Comodo

M'eh, not bothered with that either - I've now got McAfee, which seems to be doing the tick (so far...) . I have downloaded Spybot, but I'm really not fussed about the rest of that - far too much hassle, and it'll get in the way of me doing stuff

[cleshe]

There is some advice on the majorgeeks site that I have found helpful in the same circumstances.
I think this link should get you there.
http://forums.majorgeeks.com/showthread.php?t=35407
Unfortunately it's a long process, and not always successful. you could end up reformatting whatever you try.Good luck.

---------- Post added at 12:04 ---------- Previous post was at 11:56 ----------

Quote:

Originally Posted by Nugget

M'eh, not bothered with that either - I've now got McAfee, which seems to be doing the tick (so far...) . I have downloaded Spybot, but I'm really not fussed about the rest of that - far too much hassle, and it'll get in the way of me doing stuff

Just an aside, but the one you've chosen didn't fare much better than Norton in the group tests run by PCPRO and PC Advisor.Kaspersky came top , followed by AVG free if I remember right

[basa]

Quote:

Originally Posted by GoldenBoar

Good decision. Norton is garbage. Stick to the freeware.

Anti-Virus - pick one only
AVG
Avast
Avira

Anti-spyware
Spybot Search & Destroy (basic real-time)(avoid TeaTimer)
Adaware
A-squared
Spyware Terminator (Real-time)
SUPERAntiSpyware
Spyware Doctor (basic real-time)(If you're PC can run it)

Personal Firewall
Comodo

---------- Post added at 15:01 ---------- Previous post was at 14:55 ----------



Here are the name of the Vundo Removal tools
VundoFix.exe
VirtumundoBeGone.exe

and smitfraud removal tools,

SmitfraudFix.exe - anti-virus may complain, it's a false positive though.
smitRem.exe

another good removal tool is SDFix.exe

TBH IMO AVG ain't worth the time and you only really need Spybot and SUPERAntiSpyware, the rest are just bloat. AdAware and A-squared are rubbish now.

Oh and get SpywareBlaster on there as well. That and Spybot might have blocked a lot of those malware problems brought on by the virii.

[trevortt]

Quote:

Originally Posted by Nugget

Hi Guys (and Gals!),

Having had Norton go completely mad last week and tell me that my PC had both the Downloader and Metajuan trojans, I ran a full scan and (I thought) cleared them.

Unfortunately, having switched on again last night, it again went mad, saying that those two were still there, and there was also one called Trojan.Vundo...

I turned off Sysetm Restore, put it into Safe Mode, and ran the scan again - 6 hours later, it told me that there were 13 (13!) viruses detected. Norton claims to have repaired them all, but I have to say I'm not 100% convinced. Before I either kick it around the room, or re-format it (which I also don't know how to do (), can anyone suggest anything else that I can do, seeing as I'm rapidly losing the will to live...

TIA

Norton is pants get Nod32 or AVG Free.

[Maggy J]

I'm happy with NOD32...yes it's not free but it's not expensive and it does the job without being bloatware.

[G UK]

Kaspersky all the way here.

[Mal]

Quote:

Originally Posted by Incognitas

I'm happy with NOD32...yes it's not free but it's not expensive and it does the job without being bloatware.

I agree, it does its job, without the bloat.

[joglynne]

My Kaspersky is coming to the end of it's free trial and rather than just go for the paid renewal I thought I would have a look at NOD32 as so many of the posters rate it.

I don't know if it's of any use to anyone else but I have found that there is currently a free 30 day trial on offer here

[TheBruce1]

Kaspersky 2009(V8) which is a TR at the moment and should be released sometime in June has been getting rave reviews, they have added new tools, but the footprint is smaller.

Quote:

Major Improvements in v8:
-NEW...HIPS
-NEW...Whitelisting Technology (whitelisting certain programs to automatically allow Kaspersky to decide whether an application can connect to the internet and perform specific activity... less user intervention and more user friendly... less popups and requests from PDM and firewall.
-NEW...Scanning of Vulnerabilities in installed programs (so you can update them to prevent the programs being "exploited" and malware being installed on your computer via them)
-NEW...Advanced Reporting Capabilities (more in depth reports of activity of your programs and more statistics)
-NEW...Virtual Keyboard (to prevent keyloggets logging keys, good to use when entering personal details/passwords)
-NEW...Database of malicious URLs (Alerting users about prolific malware hosting websites)
-NEW...System Restore Wizard (Help fix damage caused to the computer after an infection; restoring functionality)
-NEW...GUI
-IMPROVED...Speed of overall product components (More efficient and faster scanning and will not slow computer down as much as previous versions thanks to the rebuilt/improved antivirus engine.

Other Improvements:
-Enhanced PDM
-Improved Heuristics
-New Packer Detection (suspicious packer and multi-packer)

ScreenShots:
http://malwarecrawler.com/kaspersky/

[trevortt]

Quote:

Originally Posted by joglynne

My Kaspersky is coming to the end of it's free trial and rather than just go for the paid renewal I thought I would have a look at NOD32 as so many of the posters rate it.

I don't know if it's of any use to anyone else but I have found that there is currently a free 30 day trial on offer here

Aye, that's how i got to buy it..i took the 30 day trial and then bought it.