My sis's computer has the Surnova virus and I'm trying o figure out how to get rid of it. Anyone got some ideas? I'd really appreciate the help.
hjack
Printable View
My sis's computer has the Surnova virus and I'm trying o figure out how to get rid of it. Anyone got some ideas? I'd really appreciate the help.
hjack
Try these links, should be a start, you didn't say which variant it was so I included the Sophos links to all of them :)
http://www.sophos.com/virusinfo/anal...2surnovaa.html
http://www.sophos.com/virusinfo/anal...2surnovab.html
http://www.sophos.com/virusinfo/anal...2surnovac.html
http://www.sophos.com/virusinfo/anal...2surnovad.html
http://www.sophos.com/virusinfo/anal...2surnovae.html
http://www.sophos.com/virusinfo/anal...2surnovaf.html
Thnks appreciate it
Instead of manually pick through everything is there a program that will wipe all of the files out and remove the registry key?
hjack
Actually your AV should do most of the work for you. Once you scan it shows where the files are, what kind of malware it is, then it should get rid of everything for you
While most antiviruses should remove the regitry key entries, information about this virus informs that only registry entry is not vitual for removal.
If you get an error on loading windows that it can't find the Supernova file, then look into the registry to remove it. Make a backup (export) of the registry and then delete this entry. If you screw up something, restore the backup (import) and try again....Quote:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run\Supernova=C:\WINDOWS\BLAARGH.exe
Add: If it's Windows ME or XP that you are running, disable System Restore to make sure Windows doesn't restore the virus.
Quote:
Disabling System Restore
Windows ME and XP utilize a restore utility that backs up selected files automatically to the C:\_Restore folder. This means that an infected file could be stored there as a backup file, and VirusScan will be unable to delete these files. You must disable the System Restore Utility to remove the infected files from the C:\_Restore folder.
WindowsME
1. Right click the My Computer icon on the Desktop and click on Properties.
2. Click on the Performance tab.
3. Click on the File System button.
4. Click on the Troubleshooting tab.
5. Put a check mark next to 'Disable System Restore'.
6. Click the 'OK' button.
7. You will be prompted to restart the computer. Click Yes.
Note: To re-enable the Restore Utility, follow steps one to seven and on step five remove the check mark next to 'Disable System Restore'.
WindowsXP
Disabling the System Restore Utility (Windows XP Users)
1. Right click the My Computer icon on the Desktop and click on Properties.
2. Click on the System Restore tab.
3. Put a check mark next to 'Turn off System Restore on All Drives'.
4. Click the 'OK' button.
5. You will be prompted to restart the computer. Click Yes.
Note: To re-enable the Restore Utility, follow steps one to five and on step three remove the check mark next to 'Turn off System Restore on All Drives'.
source: McAfee