PC completely virus-ridden!

[Nugget]

Hi Guys (and Gals!),

Having had Norton go completely mad last week and tell me that my PC had both the Downloader and Metajuan trojans, I ran a full scan and (I thought) cleared them.

Unfortunately, having switched on again last night, it again went mad, saying that those two were still there, and there was also one called Trojan.Vundo...

I turned off Sysetm Restore, put it into Safe Mode, and ran the scan again - 6 hours later, it told me that there were 13 (13!) viruses detected. Norton claims to have repaired them all, but I have to say I'm not 100% convinced. Before I either kick it around the room, or re-format it (which I also don't know how to do (), can anyone suggest anything else that I can do, seeing as I'm rapidly losing the will to live...

TIA

[Rob M]

Nugg,

I've got bad news I'm afraid.

The industry standard advice after any scale of viral infection is to 'rebuild from known good media'.

I've only ever had one viral problem (caused by my anti-virus failing to detect one virus which then shut it down and invited all its mates to the party). I can't begin to tell you the time I saved just rebuilding the whole machine, compared to what I would have spent trying (and failing) to get rid of the little buggers.

The other problem (of course) is that you can never be sure that you've got them ALL unless you rebuild.

[Graham M]

Sorry it's not very helpful (then nor is Norton normally) but I think one of the freebies such as AVG, AVAST is more likely to shed light on the situation and clear said virii out. But generally with that number, they get rooted in so deep, a reformat is almost inevitable. Don't use Norton!

[Nugget]

Quote:

Originally Posted by Raistlin

Nugg,

I've got bad news I'm afraid.

The industry standard advice after any scale of viral infection is to 'rebuild from known good media'.

I've only ever had one viral problem (caused by my anti-virus failing to detect one virus which then shut it down and invited all its mates to the party). I can't begin to tell you the time I saved just rebuilding the whole machine, compared to what I would have spent trying (and failing) to get rid of the little buggers.

The other problem (of course) is that you can never be sure that you've got them ALL unless you rebuild.

Quote:

Originally Posted by Zeph

Sorry it's not very helpful (then nor is Norton normally) but I think one of the freebies such as AVG, AVAST is more likely to shed light on the situation and clear said virii out. But generally with that number, they get rooted in so deep, a reformat is almost inevitable. Don't use Norton!

Thanks for that guys - I was fairly sure that that would be the answer, but I thought it would be better to ask first

Right, next question - how the hell do I re-format then

Oh, and I hate Norton anywaqy, but BT provide it free with whichever option we're on. Mind you, I'm not going to be using it anymore

[Rob M]

Do you have any system restore discs that came with the computer?

[Nugget]

Quote:

Originally Posted by Raistlin

Do you have any system restore discs that came with the computer?

I believe so - it's all in Mrs Nugs name, so she'll have to dig them out

[Rob M]

You should find that if you restart the PC with one of those discs in it will take you through the process of restoring it all to exactly how it was when you first bought it.

Remember though that this will delete all files and software from the drive. Make sure you copy any files that you need to CD first and that you have copys of any software/licence keys that you need.

You'll also need to get out any email addresses, web page bookmarks, or other information that you need to keep - this includes the settings for your emails (servers, passwords, account names, etc) and any settings you need to access the internet.

Also remember that anything you write to disc could be infected, so you'll need to scan those after you write them (and then again before you put them in the machine once it's rebuilt) just in case.

[Nugget]

Quote:

Originally Posted by Raistlin

You should find that if you restart the PC with one of those discs in it will take you through the process of restoring it all to exactly how it was when you first bought it.

Remember though that this will delete all files and software from the drive. Make sure you copy any files that you need to CD first and that you have copys of any software/licence keys that you need.

You'll also need to get out any email addresses, web page bookmarks, or other information that you need to keep - this includes the settings for your emails (servers, passwords, account names, etc) and any settings you need to access the internet.

Also remember that anything you write to disc could be infected, so you'll need to scan those after you write them (and then again before you put them in the machine once it's rebuilt) just in case.

Thanks matey - looks like I know what I'm spending this evening doing

[Rob M]

Quote:

Originally Posted by Nugget

Thanks matey - looks like I know what I'm spending this evening doing

Sorting out the aftermath of a rampant viral infection.....sounds like par for the course to me

[Nugget]

Quote:

Originally Posted by Raistlin

Sorting out the aftermath of a rampant viral infection.....sounds like par for the course to me

You know what? I really don't know how to respond to that

[Eric55]

Turn off system restore as the virus will replicate itself there.

[Nugget]

Quote:

Originally Posted by Eric55

Turn off system restore as the virus will replicate itself there.

Quote:

Originally Posted by Nugget

I turned off System Restore, put it into Safe Mode, and ran the scan again

*ahem*

That was about the only thing that I did know to do

[Watching You]

Quote:

Originally Posted by Nugget

Hi Guys (and Gals!),

Having had Norton go completely mad last week and tell me that my PC had both the Downloader and Metajuan trojans, I ran a full scan and (I thought) cleared them.


TIA

I also used Norton but yes put your computer in safe mode and run a scan, do contact Nortons for additional help if needed - that's what they are there for.

But also suggest that you check for spyware, which are not picked up by Nortons, but can be used by viruses to invade your computer.

Suggest you also run Webroot, which also offers a free trial and picks up many spyware.

Good Luck!

[David F]

Check msconfig for any dodgy start up files.Note location of registry entry of these files.
Download and install avast during the install it will offer you the option of a boot time scan select yes and reboot.
The scan will start before most windows componants are running allowing the files to be deleted. Wait till it finds a virus and select delete all.Once pc has booted check msconfig for dodgy start up items .
If still present goto start run select regedit and run it. Browse to the location of said dodgy start up items in reg and delete the keys.(also Untick from start up). If its a file name then run a search though the registry for the rogue file ie illl.exe etc. Uninstall and reinstall avast selecting boot time scan again run full scan . This has often rescued me from reformats but it does depend if any of the virus's were rootkits or not

[nffc]

FixVundo?

You could always run a scan with superantispyware as well... Otherwise rebuild tbh, Vundo is removable but it's a damn pain to.