ot: virus in MS (what to do)

Dorian A. Monroe, II dorian.monroe at cox.net
Wed Feb 25 10:26:03 MST 2009


I'd throw in a second for MalwareBytes' AntiMalware.  And I'd also 
recommend McAfee's Stinger.

As for reinstalling the system, that should always be a last-resort 
effort to fix the problem.  I would also be hesitant to scan a Windows 
partition for viruses from Linux, but I wouldn't rule that out as an 
option depending on the virus and the extent of the damage.  Booting to 
any other operating system won't allow you to scan the Windows registry. 
Boot to Safe Mode (F8 after Windows starts to load) and run a scanner 
like the ones mentioned above.  A lot of viruses create randomly named 
executables(or dlls) started up from 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run and the same key 
under HKLM.  Many create several running processes that monitor those 
keys and duplicate the trojan files and recreate those startup keys 
whenever they're deleted.

One of those scanners should at the very least be able to identify what 
virus(es) are on the system.  If the tools aren't able to successfully 
clean the infection, a quick Google search will give you some manual 
instructions on how to clean things up and links to tools that will 
help.


On Wed, Feb 25, 2009 at 10:06 AM , wayne wrote:

> mike havens wrote:
>> hey guys, I know that if you get a virus in M$ the best thing to do 
>> is to reinstall the system. Would the next best  thing be to install 
>> a copy of clamwin into their computer.?
>>
>> -- 
>> :-)~MIKE~(-:
>> 
>> ------------------------------------------------------------------------
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> I would try:  mbam-setup.exe (Malwarebytes' Anti-Malware 
> http://www.malwarebytes.org ), and load  COMODO internet security. ( 
> http://www.comodo.com ) Both are free
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


More information about the PLUG-discuss mailing list