Hi, I'm in the Doghouse today: In an effort to speed up his PC I substituted Dad's Norton with MsSE and Malwarebytes and within 10 days he's got Win32Ramnit!A and Ramnit D. I've run both in safe mode and restarted lots but can't shift the b***er, don't really want to do a full reinstall if I don't have to BUT a lot of advice is wipe & reinstall. Can I safely save his over 18k photos??? Thanks for any help as I'm in it up to my neck!
Burn a Linux distro (Ubuntu will do) to a disk, then live boot that. Copy all the pictures and any other data to a USB stick or external HDD, then rest assured that the data is safe. Wipe, reinstall, copy everything back (this can be done in the new Windows), ???, then PROFIT.
lp rob1, Thanks for that advice, I have a Mint 7 Live CD in the drawer, so could do all that tomorrow. Much appreciated - one aspect solved. Then it's "take off and nuke the entire site from orbit"
Why did you remove his Norton? I know this is tempting fate, but I've been using it for about 10 years now and NEVER had a virus and I've tested it on plenty of websites.
Have a little read of THIS. Might help a bit. Once you've downloaded anything you need, take the PC offline as it'll have a back door. At least that way you're not open to further attacks.
Weeeeeeeell, I felt that it was a resource hog and the PC could do with lightening the load. I did do a fair bit of research online, and MsSE + Malwarebytes was recommended numerous times with little criticism. I know that nothing is 100% safe, but was confident that it was a suitable replacement. Bulldog, thanks for the link - I saw that it has a backdoor so will take it offline and deal with it in round 2. Watch this space - Thanks again guys, it's good to have you out there.
A cautionary tale. Have been very happy with Norton for several years, but was going to try MsSE and save a few quid. Think I will pass now... Good luck getting your pictures back.
Thanks Jimmy, it looks like it infects HTML files, so the jpg archive should be OK. Similarly, I hope the Office files come across OK. I should know by the end of tomorrow, depending on what time I have to work on the problem.
Sorry this isn't to help with OP but I just wanted to understand why you are assuming it was the replacement of Norton that got your Dad's PC infected. Could the viruses have been there and not been detected by Norton, only to be found once you had installed MSE? I have no idea what sites your Dad frequents but to pick up 2 viruses like that in 10 days seems a little strange. I don't think this is a cautionary tale until all the facts are known.
I am currently using the free editions of Avast and Comodo Firewall and the PC seems to be bulletproof. With lots of RAM, an SSD and decent processing power, resources are plentiful. Just a thought, because most people are more than happy with the Windows 7 firewall but I wanted more flexibility.
Booga, Thanks for your thoughts; it seems a large coincidence that after 3 years of clean operation, the system picks something up after a change of AV software. I can't be sure whether Norton missed it, but it was a week or so before MsSE picked up a problem and tried to deal with it. I'm on that machine now running from a live Mint Linux CD and just about to back up the working files (photos etc.) to a spare external HDD. We'll see what happens from there. Cheers
NoScript, the Firefox plugin, is also good for stopping unwanted scripts from running but needs to involve end-user interaction, which may not be suitable for everyone.
Seen loads of computers with Norton and riddled with viruses. Nothing to say it would have stopped it. I'd rather know what your old man has done to get infected rather than what didn't stop it.
It sounds belt and braces, but ensure you have a backup by then copying what you've backed up to another machine. It might also pay to check what's used for email, if it's Outlook you'll need to back up the PST, OST and NLK files. These are stored in hidden folders within the user profile folder, one is AppData which has Local, LocalLow and Roaming folders in it (I can't remember the name of the other folder atm). If he plays games, there may very well be some savegame files tucked away in those hidden folders, too.
I've used MsSE ever since its release and never had a virus, I think it's great! Get the photos off and nuke it! Messing about is not worth the time and effort and a clean reinstall is always a good thing!
Used MSSE since the beginning with MWB Pro and been fine. Seen few with Norton and malware and viruses. Hate Ramnit - evil, evil thing.
AFAIK it gets into the system restore and infects the files there too....VERY nasty. Update tomorrow - just loading up the U 238