Staff found the viruses as they prepared to upgrade the computerized control systems for the plant´s Block B, which is currently not producing power while it undergoes scheduled maintenance.
Power firm RWE said the infection posed no threat to the plant because its control systems were not linked to the internet, so the viruses could not activate. German federal cyber investigators are now analyzing how the Gundremmingen plant became infected.
No system directly involved with the control of the nuclear reactors was infected, RWE said, and there was no danger to the public as a result of the infection.
More than 1,000 computers have now been checked for infection and cleaned up. The plant has also improved its security controls. All sensitive plant areas are decoupled and designed with redundancy and protected against manipulation, RWE added in a statement.
Among the viruses were two well-known malicious programs - W32.Ramnit and Conficker. Ramnit debuted in 2010 and is a remote access tool that its creators use to steal data. Conficker dates from 2008 and aims to grab login names and financial data.
But RWE said that because the infected systems were isolated from the net, neither Ramnit nor Conficker were able to activate, update and steal data.
According to Mikko Hypponen, chief research officer at F-Secure, power plants and other chunks of a nation´s critical infrastructure were often infected by viruses but such compromises did little damage. "The most common viruses spread without much awareness of where they are," he said
Gundremmingen is about 120km (75m) northwest of Munich and the plant is Gemany´s highest output power station.