Re: ot: virus in MS (what to do)

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Dorian A. Monroe, II
Date:  
To: Main PLUG discussion list
Subject: Re: ot: virus in MS (what to do)
I'd throw in a second for MalwareBytes' AntiMalware. And I'd also
recommend McAfee's Stinger.

As for reinstalling the system, that should always be a last-resort
effort to fix the problem. I would also be hesitant to scan a Windows
partition for viruses from Linux, but I wouldn't rule that out as an
option depending on the virus and the extent of the damage. Booting to
any other operating system won't allow you to scan the Windows registry.
Boot to Safe Mode (F8 after Windows starts to load) and run a scanner
like the ones mentioned above. A lot of viruses create randomly named
executables(or dlls) started up from
HKCU\Software\Microsoft\Windows\CurrentVersion\Run and the same key
under HKLM. Many create several running processes that monitor those
keys and duplicate the trojan files and recreate those startup keys
whenever they're deleted.

One of those scanners should at the very least be able to identify what
virus(es) are on the system. If the tools aren't able to successfully
clean the infection, a quick Google search will give you some manual
instructions on how to clean things up and links to tools that will
help.


On Wed, Feb 25, 2009 at 10:06 AM , wayne wrote:

> mike havens wrote:
>> hey guys, I know that if you get a virus in M$ the best thing to do
>> is to reinstall the system. Would the next best thing be to install
>> a copy of clamwin into their computer.?
>>
>> --
>> :-)~MIKE~(-:
>>
>> ------------------------------------------------------------------------
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> I would try: mbam-setup.exe (Malwarebytes' Anti-Malware
> http://www.malwarebytes.org ), and load COMODO internet security. (
> http://www.comodo.com ) Both are free
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss