My laptop has megavirus
  • cxhb

    Feb. 4, 2011 12:13 p.m. cxhb HalfDork

    First off, I'll admit I am not the most computer savvy. But recently I seemed to have picked up some crap that loads up a faux "virus sweep" as soon as my computer turns on and locks it up. I then tried turning it on in safe mode and running a virus sweep and it found 3 things, all were then quarantined and deleted. "Problem fixed!" I thought. But no... Still happening. Anybody have any ideas? Contemplating just wiping out everything and starting over... I need to upgrade to Windows 7 anyway as I'm still running XP...

    Thanks in advance.

  • Cone_Junky

    Feb. 4, 2011 12:16 p.m. Cone_Junky Reader

    Have you gone into the "remove programs" menu to find the offending virus software?

  • 4cylndrfury

    Feb. 4, 2011 12:24 p.m. 4cylndrfury SuperDork

    XP>7 IMHO.

  • Grtechguy

    Feb. 4, 2011 12:29 p.m. Grtechguy SuperDork

    http://grassrootsmotorsports.com/tech-tips/73/

  • Rusted_Busted_Spit

    Feb. 4, 2011 12:31 p.m. Rusted_Busted_Spit Dork

    My advice is to stay with XP, give 7 a chance to mature some more. Wipe the machine and start over. After the reinstall load your favorite anti virus program (I use Avast, free), install something other than Internet Explorer to use on the web, then set aside a couple of hours to run all of the Windows updates.

  • cxhb

    Feb. 4, 2011 12:31 p.m. cxhb HalfDork

    In reply to Cone_Junky:

    I tried in safe mode, found nothing irregular.

  • Mazdax605

    Feb. 4, 2011 1:05 p.m. Mazdax605 HalfDork

    Shotgun???

  • alfadriver

    Feb. 4, 2011 1:07 p.m. alfadriver SuperDork

    Grtechguy wrote:

    http://grassrootsmotorsports.com/tech-tips/73/

    Which step will fix that?

    My wife recently got something similar, and it took some work to force it back onto the net, so that I could find something.

    And I had to go backwards a couple of days in set up.

    But the malware eventually got it, and I hope cleaned it up.

  • 16vCorey

    Feb. 4, 2011 1:39 p.m. 16vCorey SuperDork

    Go here: http://www.bleepingcomputer.com/forums/forum22.html And do what they say.

  • Salanis

    Feb. 4, 2011 1:42 p.m. Salanis SuperDork

    Load a system restore point from before the virus came up. Then run combofix.

  • Fletch1

    Feb. 4, 2011 1:43 p.m. Fletch1 Reader

    Had some hit me at work. IT guy wiped it clean. I had to on my home computer too. That stuff is hard to track down and remove all of it.

  • GameboyRMH

    Feb. 4, 2011 2:02 p.m. GameboyRMH SuperDork

    7 is better than XP for security...it's a lot of money though...I'd recommend Linux over both (which is free).

    Beware that those viruses spread over flash drives (at least most of the Fake AVs I've seen do), so any that have been plugged into that computer recently might be carrying it.

    I'll give you instructions on how to clean the flash drives (or digital camera, MP3 player, any removable USB storage basically). Ideally this should be done from a non-Windows system but here's how to do it in Windows:

    1. Hold Shift while plugging in the flash drive. Don't let go until it's finished recognizing the flash drive and everything.

    2. Open Windows Explorer through the Start Menu.

    3. Click the dropdown next to the address bar and choose the letter of the flash drive. Looking at the flash drive's contents any other way will cause the virus to execute.

    4. Go to Tools, Folder Options, View. Show Hidden Files and folders, do not hide protected system files.

    5. Now we'll see if the drive is infected. If the drive has an icon that looks like a folder in Windows Explorer, you know it's infected right off the bat. Look for autorun.inf. If it exists, it's almost certainly infected. A few special-purpose flash drives use autorun.inf for legitimate purposes but they're incredibly rare, and deleting autorun.inf won't stop you from using them.

    6. Open Notepad, look for Autorun.inf and drag it into Notepad.

    7. Delete the .exe file specified in Autorun.inf, then delete autorun.inf. If you're worried you may have one of those rare flash drives that require the file, you can rename both files for safety (postfix the filename with an underscore or something), and then delete them when you're sure.

    8. The drive is now clean. You can undo what you did in Step 4.
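
Steps 5 to 7 of GameboyRMH's procedure above, sketched in Python as an added example (not part of the original post or thread): it reads autorun.inf, pulls out the program it launches, and renames both with a trailing underscore, the safe variant of step 7. The function names and the sample file are constructed for illustration; it assumes the drive is mounted at a path you pass in and that autorun.inf is plain ANSI text.

```python
import re
from pathlib import Path, PureWindowsPath

# autorun.inf keys whose value names a program for Windows to launch.
LAUNCH_KEY = re.compile(r"(open|shellexecute|shell\\[^\\]+\\command)", re.I)

# Constructed sample: junk padding around the one line that matters.
SAMPLE = ";xKq2\n[AutoRun]\n;pad\nopen=RECYCLER\\svc.exe -s\nicon=shell32.dll,4\n"

def autorun_targets(text):
    """Return the program paths the [autorun] section asks Windows to run."""
    targets, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun")
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue  # other sections, comments, padding
        key, value = (part.strip() for part in line.split("=", 1))
        prog = re.match(r'"([^"]+)"|(\S+)', value)  # drop arguments
        if LAUNCH_KEY.fullmatch(key) and prog:
            targets.append(prog.group(1) or prog.group(2))
    return targets

def find_on_drive(root, win_path):
    """Case-insensitive lookup of a drive-relative Windows path under root."""
    rel = PureWindowsPath(win_path.lstrip("\\/"))
    if rel.drive or ".." in rel.parts:
        return None  # points off the flash drive: leave it alone
    here = Path(root)
    for part in rel.parts:
        kids = here.iterdir() if here.is_dir() else []
        here = next((k for k in kids if k.name.lower() == part.lower()), None)
        if here is None:
            return None
    return here

def neutralize(root):
    """Rename autorun.inf and the files it launches (step 7, safe variant)."""
    inf = find_on_drive(root, "autorun.inf")
    if inf is None:
        return []
    names = autorun_targets(inf.read_text(encoding="latin-1"))
    hits = dict.fromkeys(find_on_drive(root, n) for n in names)
    todo = [p for p in hits if p and p.is_file()] + [inf]
    for p in todo:
        p.rename(p.with_name(p.name + "_"))
    return [p.name + "_" for p in todo]
```

Call `neutralize()` with the drive's mount point; it returns the new names of the files it renamed, or an empty list when no autorun.inf is present.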

  • cxhb

    Feb. 4, 2011 2:19 p.m. cxhb HalfDork

    Will running a system restore get rid of it? Or is that just going to put me back to the date I choose and the virus still be there and active?

  • GameboyRMH

    Feb. 4, 2011 2:21 p.m. GameboyRMH SuperDork

    The virus will almost certainly still be there and active.

    These fake AVs are usually very easy to remove, you're lucky you didn't get Virtumonde...

    Any of the free AVs like AVG or Comodo should take care of it.

  • cxhb

    Feb. 5, 2011 7:55 a.m. cxhb HalfDork

    Alright, did system restore. Got in the interwebs and downloaded AVG's free trial, I may end up purchasing it. It cleared about 6 or so random things and seems to be running fine now. Thanks for the help everyone!

  • John Brown

    Feb. 5, 2011 8:06 a.m. John Brown SuperDork

    I bought a new used ($10.00) hard drive that was "clean"... except for a nasty dormant virus. Pissed me off to no end. Glad everything worked out.

  • Kramer

    Feb. 5, 2011 11:38 a.m. Kramer HalfDork

    Along with using AVG, I also use Malwarebytes. I got a virus a few days ago, and was able to do a system restore, then scan using both programs. It cleaned it up.

  • foxtrapper

    Feb. 8, 2011 8:12 a.m. foxtrapper SuperDork

    Yea, just got hit with the antivirus dot net one, it blew past AVG like it wasn't there.

    The Malwarebytes program was what was needed to finally kill it. Works well.

  • sachilles

    Feb. 8, 2011 12:03 p.m. sachilles Dork

    Many of them disable the updates to your antivirus program, so they remain undetectable. Best to periodically look at your antivirus program to see that it's been updated.

 