I am not sure where I picked up some pretty virulent trojans but I am running a control experiment and will avoid forums with advertising to see if this was the source.
McAfee dealt with them after a full scan but they rendered the PC useless for a while.
After such an event I always recommend a document backup and full reinstall with disk format.
It is certainly true that certain well known UK site(s) have been repeatedly infected, and it was mostly their advert feed which got hacked.
After such an event I always recommend a document backup and full reinstall with disk format.
Unfortunately, that is true, because if you catch something reasonably recent, AV software doesn’t usually (IME) fix it. Any half respectable virus disables the AV software so your only chance is to run an AV program which detects dodgy website behaviour i.e. catches it before it gets a chance to execute on your machine. I run Kaspersky at work and at home and that has picked up a lot of this stuff.
The basic issue is forums running off the shelf software like PHP-BB and V-bulletin. They are constantly targetted.
A slightly less drastic method (than a full reformat) is to use a disk imaging program like Trueimage to backup your HD and then you can restore a “known good” version. Due to the backup size, that usually needs a network drive for the backup location. This method also had a special non-obvious advantage: the Trueimage backup (a .tib file) can be mounted as a logical drive (say X:) and virus-scanned using AV software which is running on an uninfected PC. This is a really powerful way of checking for an infected computer, and is similar to virus scanning with AV software running from a bootable CD. In both cases the virus never gets a chance to run its code.
