Page 1 of 1

virus help

Posted: 2008-05-08 03:21am
by dragon
Recently my antivirus has picked up trojan.win32.monder.gen but is unable to remove it. I have tried a couple of other antivirus and hijack but still no go. Does any one have an idea what this is and how to remove it.

Posted: 2008-05-08 07:45am
by Rin
If this description sounds familiar, link has removal instructions.

Posted: 2008-05-08 02:15pm
by ANGELUS
I had a similar problem about a year ago. I downloaded the trial version of this software and it eliminated it effortlesly (after I had failed to eliminate it with several anti virus tools).

The only problem is that back then the trial version would give you full features for a limited time. The current trial version only diagnoses your problem but if you want to eliminate them you have to buy it. It is not really that expensive (about $40 dollars), but it is really protective, so you might want to give it a try.

Posted: 2008-05-08 03:16pm
by RThurmont
At the risk of sounding like a broken record, your best bet is to do a reinstallation. One minimally-invasive procedure is to resize your current partition as much as possible, and then install a replacement OS into the free space. You can then mount the old partition whenver you need to retrieve data from it. Note that its a good idea to backup your most important files *before* doing the above, as the partition cloning procedure can fail, with disastrous results.

Also, its probably not a bad idea to disconnect the infected computer from the Internet immediately, if you have not already done so, in order to stop the outbound flow of your personal data that might well be occuring.

In fact, if I had to propose a "Viral Recovery Checklist", I'd say, do the following:

1. Disconnect the infected system from the Internet immediately.
2. Power the system off.
3. Boot the system into a Linux live CD, mount the infected OS partition, and copy your most important files off of it, onto a USB drive, NAS or file server.
4. Run ClamAV against the HD from the Linux live CD (some of them, optimized for recovery purposes, likely include it) to remove any blatantly obvious infected files.
5. Use Gparted to resize the infected OS partition.
6. Install your replacement OS.
7. Copy over remaining files of lesser importance from the infected partition, then, perhaps, when you're certain you have anything, nuke it, and either extend your new partition over it, or create a new partition there for storage purposes.

I'd be interested in feedback from others on the validity of my proposed "checklist."

Posted: 2008-05-09 12:52am
by dragon
Ok got rid of it. I contacted the makers of my antivirus and they sent me a special update and allowed my AV to take care of it.