Hi guys, I know I don’t post here very often but I’m in need of some help and was wondering if any of you kind folk could lend me a hand.
Little Backdrop:
Main Home PC – Games Etc, XP Home (x2 HD, AVG AntiVirus (Free))
Sony Vaio Laptop – Important Stuff, Vista (x1 HD, NOD32 (Paid))
x4 PenDrives (Bytestor, 1GB, 2GB, 8GB, 16GB)
x1 120 HD Western Digital
I’m a computing student here at a University (England) and on Tuesday we were working in our sandbox computing labs in order to test out bootable OSes from pen drives etc.
We all work on these machines and you would expect to have some kind of warning if any viruses would be on the damned machines, but it turns out the PCs we were working on had an infectious virus.
I’ve been using my small collection of pen drives, and stupidly I brought along my external HD which I used to back my media up onto before I formatted each pen drive.
I also use this HD to back my stuff up from home (I mean I then have it backed up on 3 different drives, so you’d have thought it would be alright, hah).
So unbeknownst to me I came home to update some more work, switched the PC on, plugged in my shiny new 16GB pen drive (only got it last week), the PC acts really slow, Word crashes and soon the PC freezes. I reboot to find out AVG is shouting about a virus, details:
Trojan Horse PSQ.OnlineGames_r.AP
Found in Windows\System32\c.exe
This sends alarm bells as I’m very cautious about my browsing habits and haven’t had a virus in years. Plus I hadn’t physically done anything to actually download anything in-between the time of switching the PC on and plugging in my pen drive.
Automatically suspecting my pen drive must have something and already red in the face as I realised I must have picked it up from the Uni Lab computers, I stupidly plug my HD into the laptop to check I wouldn’t lose anything important by formatting the pen drive.
Obviously brain cells weren’t working as I had plugged the stupid HD into the lab computers as well earlier in the day. Fortunately NOD32 automatically blocked the infection on the HD (I don’t know if it’s deleted it or just quarantined it) and it hasn’t complained after me unplugging the HD right after, so I can only guess NOD32 must have stopped it in its tracks, details:
G:\6phx.com - Win32/PSW.OnLineGames.NNU trojan
2009-06-16 18:26:13
Real-time file system protection
file G:\Autorun.inf Win32/PSW.OnLineGames.NNU trojan
cleaned by deleting - quarantined
NT AUTHORITY\SYSTEM
Event occurred during an attempt to access the file by the application: C:\Windows\system32\svchost.exe.
I’ve looked but there is no c.exe in the laptop’s System32, but I don’t know if Vista would act differently to the infection if it were, I’m only praying that it isn’t infected.
So right now I have x3 Pen Drives, my HD (which is supposed to be my back up) and my main PC all infected and I’m not sure what to do. I’d format everything, but I’ve exhausted all of my backups, so right now I have a ton of data I’d like to save and no way of knowing if I can save this data and format everything without dragging the infection with me.
After doing a little more research this apparently copies itself to all drives on a machine including external drives, and then attempts to infect a new host with every PC it is inserted into. I’ve also read that NOD32 can’t actually get rid of it, and this is the usual “password stealing, computer compromising” Trojan.
I’m not exactly sure how I can clean any of the drives without infecting the machine I’ve plugged it into?
Any help?
Thanks