Got whacked with a virus, need some advice

Polishwonder74

Senior member
Dec 23, 2002
474
0
0
Welp. . . I gone and done it. I just nuked my computer like last week, and had a fresh copy of XP Pro SP2 running like a champ, and then I got nailed with a nasty virus or 2. I can't seem to flush it out even with a 100% updated Norton Antivirus 2005. It is a REAL pain in the tuchas. I've got popup windows coming up, like 2 or 3 new icons in the systray, and no amount of scanning from Spy Sweeper, Ad Aware, or Norton 2006 seems to kill it.

My question is, what are the chances that my slave hard drive is screwed, too? I have a smaller PATA hard drive for my OS, and I use a big 160 gig SATA to hold all my stuff (and it's nearly full). Right now I'm running a Trend Micro housecall on the slave hard drive to try to flush out whatever leaked over there, and so far it seems to have seen TROJ_LDPINCH.CM. I'm hoping to move a couple things back over to the slave and nuke the master again. I hadn't gotten too much installed since she was nuked last week, so this won't be too bad, but I really don't want to go to all this trouble only to have this virus hide in the slave and pwn my master again.

How would you guys go about making sure that I don't have a virus relapse from the slave, and what are you using for antivirus? (I'm getting real sick of Norton AV myself).

Thanks for your time, fellas. What a crappy way for me to start the week. . . *sigh*

:beer:
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
k, try my routine here: http://www.omnicast.net/~tmcfadden/scan.txt and I've even done a narrated screencapture movie showing how, for those who are more audio/visual learners: http://www.omnicast.net/~tmcfadden/manualscan.wmv

PM me the text from the C:\Report.html file that it creates after it's done scanning. Based on what's found, I may have further advice.

What version of Norton Antivirus are you using, btw? Older versions are not as capable, so I hope it's 2005 or 2006? If it's older, then uninstall all pieces of it, install a 30-day trial of Kaspersky Antivirus Personal 5, configure it like shown here for maximum effectiveness, and also do a scan with it in Safe Mode With Command Prompt too, after the other scanner (do a CTRL ALT DEL and use Task Manager to start kav.exe, then scan).

Even if you decide to nuke and rebuild, this will at least make sure that your remaining stuff on the 160GB is clean.
 

Polishwonder74

Roger that, Mech. I'm all over it like a fat kid on a donut.

Right now I'm going through the malware removal in the sticky. It's Norton 2005 that I'm running now. Found a couple nasties with Ewido just now in safe mode. Mediatickets and SpyFalcon.

Mech, you're the man.
 

Polishwonder74

Holy crapola, the command line virus scan is finding infections like crazy! Hopefully it'll be done in a couple minutes.
 

Polishwonder74

Argh. . . BF2 and WoW, the two biggest games in history. Of course they were the first things I installed. . . .

Still waiting.
 

Polishwonder74

Oh snap, now it's checking the big 160 gig. This'll be a while. It's chock full. Thanks for the support, fellas!

Looks like on the c:\ I have 14 possibly infected, 15 deleted, 2 non-critical errors, and zero MBR or boot sector problems.

I'll post again when this is all done.
 

mechBgon

Originally posted by: Polishwonder74
Oh snap, now it's checking the big 160 gig. This'll be a while. It's chock full. Thanks for the support, fellas!

Looks like on the c:\ I have 14 possibly infected, 15 deleted, 2 non-critical errors, and zero MBR or boot sector problems.

I'll post again when this is all done.

Sweet, I look forward to hearing the final body count :D

 

Polishwonder74

Welp, I stopped McAfee from scanning my 160, it kept deleting joke programs and stuff automatically, and I scanned it with Ewido. Then I nuked my smaller OS/Boot hard drive, and she seems to be running ok. I immediately installed Norton Antivirus '05 and updated it, and finally ran a scan of the 160 slave. It didn't come up with anything, so must be Ewido did a good job.

Hopefully everything is working out and I don't have an invisible gremlin inside here looking for credit card numbers and stuff. This did give me an opportunity to do up my first Linux/XP dual boot, so I'm kinda excited about that.

Anyways, thanks for all your help. I really, really appreciate it.

MechBgon for president!!!

:beer: :beer:
 

Raduque

Lifer
Aug 22, 2004
13,140
138
106
Hope you managed to finally get rid of everything. I got hit by win32.Tenga this Sunday, and it ate 90% of all my .exes on two computers.