J
Joseph O'Brien
Hello, everyone. I have a computer that has been infected with a virus/
worm/trojan/whatever. I'm not completely sure which one, but my
computer does the automatic shutdown thing (initiated by NT Authority
\System).
I think I have the virus cleaned off, but the OS has been damaged. Can
someone who knows advise me on the plan below?
1) Remove suspect drive from PC. Replace with a new, store-bought
drive.
2) Install clean OS, updates programs, virus scan, etc.
3) Re-attach suspect drive as slave.
4) Copy necessary files over from suspect drive, leaving out Program
Files and anything in ~\Local Settings.
I do have backups, but they are most likely infected as well. I was
thinking that it might be easier to just pull the files directly off
the suspect drive, rather than transfer them to an external drive.
However, I want to be sure that whatever was on the suspect drive
doesn't "jump ship" to the good drive. I assume that, as long as the
MBR of the new drive is clean, and as long as I don't open an
executable that contains the virus, then I should be OK.
Is this a correct assumption?
Thanks.
Joseph
worm/trojan/whatever. I'm not completely sure which one, but my
computer does the automatic shutdown thing (initiated by NT Authority
\System).
I think I have the virus cleaned off, but the OS has been damaged. Can
someone who knows advise me on the plan below?
1) Remove suspect drive from PC. Replace with a new, store-bought
drive.
2) Install clean OS, updates programs, virus scan, etc.
3) Re-attach suspect drive as slave.
4) Copy necessary files over from suspect drive, leaving out Program
Files and anything in ~\Local Settings.
I do have backups, but they are most likely infected as well. I was
thinking that it might be easier to just pull the files directly off
the suspect drive, rather than transfer them to an external drive.
However, I want to be sure that whatever was on the suspect drive
doesn't "jump ship" to the good drive. I assume that, as long as the
MBR of the new drive is clean, and as long as I don't open an
executable that contains the virus, then I should be OK.
Is this a correct assumption?
Thanks.
Joseph