
Virus came home with school work…. Help!

Discussion in 'Tech Talk' started by Dyno, Feb 10, 2011.

  1. Dyno

    Dyno

    168
    0
    Oct 11, 2002
    Ga
    My granddaughter brought some of her school work home on a flash drive and it had a virus in it.

    Well it got in my HP desktop computer and messed things up and AVG did not help. So I had the idea to just let the HP do what it calls a destructive reload of the OS. When everything was finished with the newly installed OS I used IE to go to Major Geeks for the AVG free and Malwarebytes so things would get started off on the right foot. Well guess what??? After the new OS reload IE would not let me go to Major Geeks and redirected itself to another website. I finally got AVG and Malwarebytes installed by going to the Google website and installing Chrome and then getting AVG and Malwarebytes before it could take over Chrome.

    How do I clear a virus from a flash drive?

    How did that virus survive the OS destructive reload and what should I do next?

    Thanks in advance, Dyno
     
  2. HerrGlock

    HerrGlock Scouts Out CLM

    23,791
    182
    Dec 28, 2000
    What virus? Yes it makes a difference.

    Some viruses attach to the boot sector which may or may not get cleaned by a reinstall. Some of the newer ones actually attach to the area of the drive where the OS reinstall image is stored so you cannot get rid of it.
     


  3. Dyno

    Dyno

    168
    0
    Oct 11, 2002
    Ga
     
  4. gemeinschaft

    gemeinschaft AKA Fluffy316

    2,194
    18
    Feb 7, 2004
    Houston, TX
    This is exactly why I don't like the Recovery Partitions that HP likes to setup.

    Dyno, do you have physical discs that you can reinstall Windows from?
     
  5. HerrGlock

    HerrGlock Scouts Out CLM

    23,791
    182
    Dec 28, 2000
    http://housecall.trendmicro.com/
     
  6. JimmyN

    JimmyN

    1,266
    7
    Sep 29, 2006
    Virginia
    Did the recovery delete all your documents and installed software? If it didn't then you did a system recovery rather than a destructive recovery. System recovery just replaces system files, destructive recovery re-formats the drive then installs the OS.

    You can use Malwarebytes to scan the flash drive. Start Malwarebytes and select "Perform Full Scan" to get a drive list. Remove the check from C drive and put a check in whatever drive letter the flash drive is using.
     
  7. Dyno

    Dyno

    168
    0
    Oct 11, 2002
    Ga
    gemeinschaft,
    No physical discs with this HP box.

    HerrGlock,
    Thanks for the Trend link, I'll post results today.

    JimmyN,
    I will do that this afternoon.

    Dyno
     
  8. Pierre!

    Pierre! NRA Life Member

    3,968
    144
    Jun 20, 2003
    Lovin Sparks Nv!
    Hey Dyno,

    Don't forget to press <F8> while the system boots. Then select SAFE MODE W/ NETWORKING

    Then do your scans. It will work much more effectively, most likely on the first try...

    HTH
     
  9. Dyno

    Dyno

    168
    0
    Oct 11, 2002
    Ga
    Pierre,
    Thanks for the tip on the F8 and scan in safe mode. I did not get to do this yesterday so today is the day. I will post findings.

    Dyno
     
  10. gemeinschaft

    gemeinschaft AKA Fluffy316

    2,194
    18
    Feb 7, 2004
    Houston, TX
    I would also suggest that after you start in Safe Mode, you can go to

    RUN --> MSCONFIG and look at the "Startup" tab.

    There, you will find a list of all of the processes that are scheduled to start up when you boot your system normally.

    Many times, you can see the virus that is running in the background from this screen and simply remove it from the Startup tab. Of course, this is just a bandaid that is to be applied until you find how to remove the virus, but it can lead you to where the virus is hiding.
     
  11. C.Lee

    C.Lee

    212
    0
    Nov 18, 2009
    Maine
    For future reference. By default AVG does not scan removable drives, you have to turn it on yourself, at least that is how it works for me.


    Open AVG, Tools, Advanced settings, scroll down to and expand "scans", put a check mark in the box next to "Enable Removable device scan",
    also put a check in "use heuristics", "enable thorough scan" and select "all file types" and put a check in "scan files without extensions" and anything else you wish.

    Click on "apply".

    AVG should now scan every removable drive when it is first plugged in.
    You may also want to turn off auto-play on any drives other than your DVD drives. I think Windows had a patch that stops auto-play on all non-DVD drives.
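
Added example, not part of C.Lee's post or of any tool named in this thread: auto-play on a removable drive is driven by an `autorun.inf` file in the drive's root, so a quick check before opening a flash drive is to read that file as plain text and list what it asks Windows to launch. The sample file, the extension list and all function names are constructed for illustration.

```python
import os
# Constructed sample autorun.inf for illustration (not taken from the thread).
SAMPLE = r"""
[AutoRun]
label=SCHOOLWORK
icon=tools\viewer.exe,0
open=tools\viewer.exe
shell\open\command="tools\viewer.exe" /quiet
"""
# Assumed list of file types worth a closer look when a drive tries to launch them.
RISKY_EXTS = {".exe", ".com", ".scr", ".bat", ".cmd", ".pif", ".vbs", ".js", ".lnk"}

def parse_autorun(text):
    """Return the [autorun] section as a dict; tolerant of junk lines and odd case."""
    section, entries = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def _target(value):
    # First token of a command line, honouring a leading quoted path.
    if value.startswith('"'):
        return value[1:].split('"', 1)[0]
    return value.split(None, 1)[0] if value else ""

def findings(text):
    """List (key, command, risky) for every entry that asks Windows to run something."""
    out = []
    for key, value in parse_autorun(text).items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            ext = os.path.splitext(_target(value))[1].lower()
            out.append((key, value, ext in RISKY_EXTS))
    return out

def scan_drive(root):
    """Inspect <root>/autorun.inf (any letter case) as text; nothing is executed."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            with open(os.path.join(root, name), errors="replace") as fh:
                return findings(fh.read())
    return []
```

Call `scan_drive("E:\\")` with the flash drive's letter; an empty list means no launch entries were found, which says nothing about other files on the drive, so a full scan is still needed.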
     
  12. hamster

    hamster NRA Life Member

    3,146
    14
    Feb 22, 2010
    Try the free and excellent Microsoft Security Essentials. It is fairly good at clearing up infections.
     
  13. Linux3

    Linux3

    1,399
    0
    Dec 31, 2008
    The last time I 'Ran' a MS OS was Windows 98. Well, actually 98SE. When I found that 98SE was nothing but a bug fix for 98 AND I had to pay for it I moved to Solaris for x86.

    I gotta ask, why is Microsoft Security Essentials 'fairly good'?
    I mean, MS releases an OS that is insecure and open to viruses, worms, trojan horses and tigers; Oh my.
    Then they have the OPTION of installing Security Essentials. Why not just make it part of the basic OS install?
    It's not for ethical reasons. MS has no problem changing the DRM or WGA or IE plugins without permission. Why not just secure the OS and install their Security package by default?

    Lots of companies have made major bucks selling third party stuff in an effort to secure Microsoft's mistakes. Is MS getting a cut of the action?

    If Security Essentials is indeed essential why is installing it an option?

    To me and many people I know the whole thing is actually kind of funny but I don't think Microsoft is doing this just for my amusement.
     
  14. Pierre!

    Pierre! NRA Life Member

    3,968
    144
    Jun 20, 2003
    Lovin Sparks Nv!
    And my final comment for this thread...

    Schools are the *worst* place for virus and malware. Children haven't learned enough about computers to protect their thumb drives, or learn all the nuances of security and what to be concerned about.

    Teens - These are some really malicious kind of 'students'. They actively work to exploit any flaws in the district IT plans and architecture. It's a game for many of them - the goal? Free Grades, Attendance Records 'updates'... You name it, they go after it!

    So - When that USB drive or the CD-Rom disk comes home from the school with work to be transferred to the main computer... The *first* thing you should do is scan the media for virus and malware infection. Catch it before it gets a chance to latch on to your system.

    It would also make sense to make sure you have a recent backup updated as well! Sure does make recovery a joy when there is very little pressure due to a recent data backup. :cool:

    Better yet, use the built in Windows 7 'Drive Image' backup to ready your system for a complete restore... After the initial 'Drive Image' is created, the next backups go VERY quickly!

    Hope that helps you out!
     
  15. IndyGunFreak

    IndyGunFreak

    25,800
    1,059
    Jan 26, 2001
    Indiana
    I've found scanning w/ Networking under Safe Mode, to be problematic with some viruses. I've scanned "w/ Networking" rebooted, and still had the virus despite it previously showing "cleared". I'm assuming the virus determines it has been removed, and uses the network connection to reinstall itself...

    What I've usually done...

    1. Boot safe mode, update antivirus/malware software.
    2. Reboot to safe mode w/o networking
    3. Run scans.
    4. Back to normal OS...

    IGF
     
  16. Pierre!

    Pierre! NRA Life Member

    3,968
    144
    Jun 20, 2003
    Lovin Sparks Nv!
    Agreed. Just depends on whether the infection will provide a clean update while in standard operating mode... or if it will load AV/AM at all.

    It does allow the user to upgrade the sig file, which could be considered important for a first scan cleanup...

    Really a case by case process! and, the user needs to know to update sig files in the first place :supergrin:

    HTH
     
  17. Some kinds of infections will disable some parts of AV or malware programs so even when they're run they miss the virus/malware. One of my machines recently got hit with a Google redirect virus/malware that was particularly nasty and difficult to get rid of. :steamed: The infected machine is scanned weekly with McAfee Security Center and Malwarebytes yet both missed the infection and wouldn't clean it. It took several hours of running Combofix (from BleepingComputer) to remove the infection (appeared to be a rootkit). Combofix is a last resort type of fix though, it's better to try other fixes before resorting to it.

    DSLReports has some good suggestions for cleaning malware/virus off one's computer and they also have a remove rootkit page for dealing with those too.