Re: Boot Sector Virus Removal

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Pravesh" <vagarw@xxxxxxxxx>

|
| Hi Everybody,
|
| I am a new member of this group.
| I am going through lot of problems due to virus in my home computer. I
| had a computer having Windows XP as OS. Few days back, I had got my
| computer badly infected due to some virus including Boot Sector Virus.
| I had run a number of anti virus softwares on my computer including
| Microsoft Anispyware. It catches a no. of spywares a number of times
| and shows them deleted. But once the system is booted up, the spyware
| start creating problems again.
| So i had gone ahead to format my system. After formatting, i had run
| the FDisk/MBR command to create repartitions and removing boot sector
| virus. Than i had installed the fresh Windows XP OS again. Once being
| done, i had installed Norton Antivirus, Windows AntiSpyware, Stinger,
| and Symantec prducts, Sybot .into my computer. Now when i am browsing
| the internet, it is opening a new browser with the unwanted urls... and
| making the current running website as jammed.
| After that, i scanned my computer with a number of intelligent
| softwares mentioned above, all of them show a number of virus and
| spyware again, i dont know why, when i had re-formatted my computer.
| Even know the situation had become so grieving, that it is not opening
| any exe file through run. I tried to go into registry thru regedit,
| but not opening, neither msconfig...
| Hence, Can u suggest me something to remove the boot sector virus
| completely from my system so that i can use my computer in a useful
| manner.
| Should i try to install Windows Xp -SP2 first and than download the
| patches through windows update..?
| Your suggestions are welcome .....
| thanks.

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

You have much confused. MS Anti Spyware and SpyBot Search and Destroy are NOT anti virus
products. They traget non-viral malware.

McAfee/AVERT Stinger is a removal tool that should ONLY be used when you know that you are
infected with one of the ~55 targeted infectors. These are mainly Internet worms and a few
Trojans that work with the targeted worms. It does NOT handle Boot Sector Infectors.

FDISK /MBR is a not a fix for true Boot Sector Infectors and neither is reformatting.

How do you know you have a Boot Sector Infector ?
What AV product declared what specific Boot Sector Virus ?

Is your hard disk partitioned with NTFS or FAT32 ?

Please answer my questions and perform the following...


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.

Relevant Pages

  • Re: Found a virus undetected - any thoughts ?
    ... | my virus or anti-spyware software packages picked it up. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. ...
    (microsoft.public.security.virus)
  • Re: alcan A or a dropper?
    ... I've never had a virus this bad. ... Download Adware-Virtumundo Removal Tool -- ... It would be best to scan in both Safe Mode and in Normal Mode and save a copy of the HTML ...
    (microsoft.public.windowsxp.general)
  • Re: Detecting unauthorized upload
    ... Is there a virus trying to upload my data? ... not infected with a virus or Trojan that AVG might be missing... ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... You can choose to go to each menu item and just download the needed files or you can ...
    (alt.comp.anti-virus)
  • Re: JAVA BYTEVER.A
    ... | I have a question regarding this virus, which was found during a recent scan ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... Trend, McAfee, Exit the menu and Reboot the PC ... You can choose to go to each menu item and just download the needed files or you can ...
    (microsoft.public.security.virus)
  • Re: URGENT- VIRUS
    ... has gotten the MSN block checker Virus. ... | blockers cant get rid of, and it has disabled the 'enter' button on my ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... You can choose to go to each menu item and just download the needed files or you can ...
    (microsoft.public.windowsxp.general)