dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
363
share rss forum feed

GdotMikeL

join:2001-04-23
West Chicago, IL

Can't get rid of Stoned.D.2

I downloaded and ran AVG anti-virus program and it detected "Stoned.D.2" virus. I rebooted with my restore CD, in DOS I ran the AVG rescue disk and selected "Test and Clean". In this test it did not detect the Stoned virus and so did not clean it. Any suggestions on how to get rid of this virus?


System


The virus you have infects the master boot sector
on your computer also can infect diskettes so
I hope the diskette you had was write protected.
If you have no success with antivirus software
the easiest way to get rid of it is to delete your
partition and install a fresh copy of Windows.


robot75

join:2000-12-31
Pearl City, HI
reply to GdotMikeL

Before you delete your partition, try this simple solution I used the last time I had the 'stoned' virus. Reboot your computer with your write protected bootable diskette, then issue this DOS command: 'fdisk /mbr'. This command will rewrite the 'master boot record' and wipe out any boot sector viruses contained within.



FutureMon
Ach Du Lieber
Premium,ExMod 2002-05
join:2000-10-05
Seaside, CA
Reviews:
·Suddenlink
reply to GdotMikeL

I've got that sucka on a floppy.

Man that thing is hard to kill.

Kept it as a reminder to all the heinous things that can happen to the masses. Plus cause I couldn't bring myself to get rid of it just because I couldn't kill it (a long time ago). On an aptly labeled floppy I must add...

Surprised it's back again. You must have run something that came from a while back to get that thing.

The older scan programs should detect it no problem.

The real problem is finding one that still has it in the library. Correct me if I'm wrong anyone but I haven't seen or heard of this virus in at least 10 years...

- FutureMan
--
LAT 34°3'15"N,LON 118°14'27"W
Hook into the Team DSLR Seti@Home WU Queue today! It's FREE!
Click here!



FutureMon
Ach Du Lieber
Premium,ExMod 2002-05
join:2000-10-05
Seaside, CA
Reviews:
·Suddenlink
reply to robot75

..HAHA Just remember to NOT MAKE THE BOOTABLE FLOPPY FROM THE INFECTED SYSTEM. Otherwise, you end up with an infected bootable floppy which will happily infect the system it boots upon over and over and over again....

Hence the post you see immediatley above this one hahaha

- FutureMan
--
LAT 34°3'15"N,LON 118°14'27"W
Hook into the Team DSLR Seti@Home WU Queue today! It's FREE!
Click here!


GdotMikeL

join:2001-04-23
West Chicago, IL
reply to robot75

fdisk /mbr did not help, but I have Norton AV 5.0 on my other PC. I installed NAV on this PC and it took care of it- no more virus. Thanks for your help.



DrKatz
I'M Listening

join:2001-01-30
Ramsey, NJ
reply to FutureMon

said by FutureMan:
Man that thing is hard to kill.
....
Correct me if I'm wrong anyone but I haven't seen or heard of this virus in at least 10 years...

Yeah, it's a bad virus. We had an outbreak at work in '94-'95 which took months to completely eradicate. It just kept popping up every few weeks.
--
Time is nature's way to keep everything from happening all at once.


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5

The reason that the virus kept "popping up" every few weeks was you had one or more infected floppies. Stoned and its variants are MBR and floppy boot record infectors. After you cleaned your system, every time you left an infected floppy in the system and powered down, the next time you powered up, as soon as you got a non-bootable disk error message (assuming it was a non-bootable floppy), your hard disk was reinfected. The reason that some antivirus programs have the option to scan floppy disks at shutdown is to prevent what happened to you, being reinfected when you leave an infected floppy in your drive.

Now that you have your hard disk disinfected, you also have to scan all your floppies to find and clean all the infected floppies to prevent it from happening again. While you were infected, the virus infected every floppy you accessed. You aren't finished. Until you find and clean all those infected floppies, you remain at risk of being reinfected.

BTW, using FDISK/MBR can remove boot sector viruses, but it can also leave the data on your hard disk inaccessible with some viruses that relocate and/or encrypt the original MBR (like some variants of the stoned virus). Its best to remove the virus with a good, up-to-date, antivirus program unless you are very certain of what you are doing, and you have positive identification of the virus, and you know its not one that moves or encrypts the original MBR (one of the most common viruses that does this is the variations of stoned.monkey). For that reason, you should never ever suggest to someone to try to remove a MBR virus using FDISK/MBR unless you are absolutely, positively, 100% certain that the virus they have doesn't play games with the original MBR. You are playing Russian Roulette with their entire hard disk contents.
[text was edited by author 2001-08-01 22:10:45]

[text was edited by author 2001-08-01 22:12:09]



Ryan
Premium
join:2001-03-03
Braintree, MA
reply to GdotMikeL

AVG had very bad reviews on virusbtn at erasing virus. It can detetect them but it doesnt do a good job of erasing them which is why I wont use it.