New PC infected?

  tasslehoff burrfoot 22:24 18 Jul 04
Locked

Hi

For reasons that I won't go into here (I'll make a new thread for that) I have had to restore my PC to factory settings.

As soon as I had done so, I downloaded zonealarm, disconeected from the internet, set it up, then downloaded spybot, adaware, spywareblaster, AVG and A2.

I then dsconnected from the internet and ran all of the above. A2 came up with trojan.killreg.something and cleaned it.

What I am concerned about is that this exact same trojan was found when I first bought the PC. Is it possible that the restore partition (my XP is OEM) is infected? But A2 is scanning the restore partition so surely it would have cleaned it first time round?

If not the partition it must be from PCA, download.com, lavasoft, safer-networking or major geeks, as these are the only places I went to.

None of these seem likely so what has happened?

Thankyou

Tas

  johnsims 22:45 18 Jul 04

According to the Pest Patrol site, Trojan.Win32.KillReg.a has a date of origin of April 2004, so unless your PC is very new, it is unlikely to have come with the machine. Again, according to the P P site, it nukes the registry - is this why you had to reinstall windows? More worrying is that it could have come from PCA downloads!

  harps1h 22:54 18 Jul 04

if it was there how can you say it came from a pca download? how can you be certain it did not infect your machine from another source before you finshed down loading your av?

  tasslehoff burrfoot 22:58 18 Jul 04

Thanks for that, I actually bought my PC at the end of April so this is a possibility.

I have the utmost faith in PCA, lavasoft and safer networking. I am assuming majorgeeks and download.com are safe (I'd be very suprised if not).

How likely is it that the PC is a returned item, infected, and put straight back on sale without being checked? (apart from a factory restore of course).

Tas

  hillybilly 23:01 18 Jul 04

"How likely is it that the PC is a returned item, infected, and put straight back on sale without being checked? (apart from a factory restore of course)."

Quite possible!

What should do is switch off system restore, shut down and restart your PC. then you can reset system restore, which should run from a new point today.

  tasslehoff burrfoot 23:02 18 Jul 04

I didn't say it came from a PCA download. I am not certain of the source, hence my question. It's a trojan so I would not expect my AV to find it.

For the record I did not download anything from PCA, I searched the helproom for the products I wanted and followed the links provided in previous postings.

I am not suggesting PCA is in anyway a part of my problem!

Tas

  tasslehoff burrfoot 23:06 18 Jul 04

I don't mean system restore, I mean the manufacturers restore partition (i.e. like a restore CD you would get from Tiny etc but on a partition of C: drive) which removes everything from the hard drives and puts the computer to the same state as when it was sat on the shelf in the shop.

Tas

  hillybilly 23:09 18 Jul 04

Whoops sorry misunderstood!

  harps1h 23:13 18 Jul 04

would you try running stinger. i had the blaster worm last week which i thought should have been picked up by my av, only when i ran stinger it found it and got it out.

  tasslehoff burrfoot 23:20 18 Jul 04

thankyou.

Do you know where I can find stinger?

Tas

  johnsims 23:23 18 Jul 04

Pest Patrol will remove this particular beast
click here

This thread is now locked and can not be replied to.

Best phone camera 2016/2017: Galaxy S7 vs iPhone 7 vs Google Pixel vs HTC 10 Evo vs OnePlus 3T vs…

1995-2015: How technology has changed the world in 20 years

Best Christmas Agency Projects of 2016

Super Mario Run preview | Hands-on first impressions of Super Mario Run: Mario's iPhone & iPad…