Boot Sector Virus Removal

[Pravesh]

Hi Everybody,

I am a new member of this group.
I am going through lot of problems due to virus in my home computer. I
had a computer having Windows XP as OS. Few days back, I had got my
computer badly infected due to some virus including Boot Sector Virus.
I had run a number of anti virus softwares on my computer including
Microsoft Anispyware. It catches a no. of spywares a number of times
and shows them deleted. But once the system is booted up, the spyware
start creating problems again.
So i had gone ahead to format my system. After formatting, i had run
the FDisk/MBR command to create repartitions and removing boot sector
virus. Than i had installed the fresh Windows XP OS again. Once being
done, i had installed Norton Antivirus, Windows AntiSpyware, Stinger,
and Symantec prducts, Sybot .into my computer. Now when i am browsing
the internet, it is opening a new browser with the unwanted urls... and
making the current running website as jammed.
After that, i scanned my computer with a number of intelligent
softwares mentioned above, all of them show a number of virus and
spyware again, i dont know why, when i had re-formatted my computer.
Even know the situation had become so grieving, that it is not opening
any exe file through run. I tried to go into registry thru regedit,
but not opening, neither msconfig...
Hence, Can u suggest me something to remove the boot sector virus
completely from my system so that i can use my computer in a useful
manner.
Should i try to install Windows Xp -SP2 first and than download the
patches through windows update..?
Your suggestions are welcome .....
thanks.

 

[mdp]

Hi Everybody,

Should i try to install Windows Xp -SP2 first and than download the
patches through windows update..?
Your suggestions are welcome .....
thanks.

By wiping out the drive, partition and all, and installing XP fresh from a
legitimate CD, you should not have any viruses. You can pick up a virus (or
other malware) from an email you currently have, media such as a floppy,
(bootleg) cd, zip drive, websites, etc. Do you have other drives attached
and have they been fully scanned? It may exist somewhere else and is being
installed inadvertently. Regarding your question, I would install XP, then
XP SP2, then go to Windows Update for the rest.

 

[David H. Lipman]

From: "Pravesh" <[email protected]>

|
| Hi Everybody,
|
| I am a new member of this group.
| I am going through lot of problems due to virus in my home computer. I
| had a computer having Windows XP as OS. Few days back, I had got my
| computer badly infected due to some virus including Boot Sector Virus.
| I had run a number of anti virus softwares on my computer including
| Microsoft Anispyware. It catches a no. of spywares a number of times
| and shows them deleted. But once the system is booted up, the spyware
| start creating problems again.
| So i had gone ahead to format my system. After formatting, i had run
| the FDisk/MBR command to create repartitions and removing boot sector
| virus. Than i had installed the fresh Windows XP OS again. Once being
| done, i had installed Norton Antivirus, Windows AntiSpyware, Stinger,
| and Symantec prducts, Sybot .into my computer. Now when i am browsing
| the internet, it is opening a new browser with the unwanted urls... and
| making the current running website as jammed.
| After that, i scanned my computer with a number of intelligent
| softwares mentioned above, all of them show a number of virus and
| spyware again, i dont know why, when i had re-formatted my computer.
| Even know the situation had become so grieving, that it is not opening
| any exe file through run. I tried to go into registry thru regedit,
| but not opening, neither msconfig...
| Hence, Can u suggest me something to remove the boot sector virus
| completely from my system so that i can use my computer in a useful
| manner.
| Should i try to install Windows Xp -SP2 first and than download the
| patches through windows update..?
| Your suggestions are welcome .....
| thanks.

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

You have much confused. MS Anti Spyware and SpyBot Search and Destroy are NOT anti virus
products. They traget non-viral malware.

McAfee/AVERT Stinger is a removal tool that should ONLY be used when you know that you are
infected with one of the ~55 targeted infectors. These are mainly Internet worms and a few
Trojans that work with the targeted worms. It does NOT handle Boot Sector Infectors.

FDISK /MBR is a not a fix for true Boot Sector Infectors and neither is reformatting.

How do you know you have a Boot Sector Infector ?
What AV product declared what specific Boot Sector Virus ?

Is your hard disk partitioned with NTFS or FAT32 ?

Please answer my questions and perform the following...


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *