How to get rid of this virus

Hi in my school we recently get this virus that we are calling a porn virus cause when you plug in your flash drive you see all of your normal folders plus dulicate folders ending with .exe....

You also see some new folders named porn.exe etc...

i used mc afee and it fails to pick up this problem....how do i fix these flash drives???
brian ramdhaniCT Technician Asked:
Who is Participating?
 
rpggamergirlCommented:
Run combofix, you need to disable Mcafee shield first so it won't eat combofix's files.


Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
ReubenwelshCommented:
is this a fully updated version of McAfee you are running? if not you need to run another antivirus till you actually find what it is. Without knowing what virus it is it is very hard to help you solve this issue.

Try downloading Avast or Microsoft Security Essentials, both are two very good antiviruses and see if they can find the virus.

Good luck!
0
 
brian ramdhaniCT Technician Author Commented:
yes it is an updated mcafee....
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
ReubenwelshCommented:
Try with another antivirus then, preferably, boot the computer without any 3rd party software running but the antivirus and see if this helps. (run MSCONFIG and turn of all services exept the antivirus and see if that finds anything.
0
 
Thomas Zucker-ScharffSolution GuideCommented:
You should be using flash disinfector and usb-set.  This will disinfect your USB sticks and kill any autorun files that may be used as a vector.

Use Malwarebytes or Avast! to scan your computers.
0
 
Sudeep SharmaTechnical DesignerCommented:
I would recommend you to go through the articles from Younghv that would help you in getting rid of it completly. In short you would need to run Rogue Killer before MalwareBytes full system scan and post the logs here if the problem persists

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 
Sudeep SharmaTechnical DesignerCommented:
Not to mention that you would also need to update the system with Microsoft windows update once you are finished cleaning the system.
0
 
brian ramdhaniCT Technician Author Commented:
this is the log file of combo fix
log.txt
0
 
brian ramdhaniCT Technician Author Commented:
also will this clean flash drives too?
0
 
rpggamergirlCommented:
CF had deleted some bad files there.
No it doesn't clean flashdrives, it only remove flash drive infections that are already in the system.

Try the flash_disinfector that tzucker posted, that removes flash drive infections also(hasn't been updated since combofix also started removing flashdrive infections) sUBs created both tools, other advantage of the Flash_disinfector is it will create bogus autorun.inf folder in each partition.
0
 
brian ramdhaniCT Technician Author Commented:
thanks a lot.....one other question....in our school all we have in terms of security is mc affee antivirus....

what do you all suggest? is that anti virus good enough or should we have other software on these machines
0
 
rpggamergirlCommented:
If McAfee is what's installed there now then I wouldn't suggest changing it till the subscription is due. Antiviruses are basically similar, some may have better detection than others but in terms of rogues none of them are effective.

If the McAfee installed is just an antivirus then you still need anti-malware unless it's a security suite.
The most effective anti-malware so far is MalwareBytes and it's cheap enough you can also get licenses for multiples machines.
http://www.malwarebytes.org/
0
 
Thomas Zucker-ScharffSolution GuideCommented:
I prefer ESET products myself.  I suggest to most users that they use ESET Smart Security.  Is is low maintenance, has a great admin interface, checks connected computers for windows updates as well as installing it's own firewall.  The updates are more frequent so they are smaller and in that way the ESET product takes up a lot less resources.

ESET http://www.eset.com/us/
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.