Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to get rid of this virus

Posted on 2011-09-23
13
1,656 Views
Last Modified: 2013-12-09
Hi in my school we recently get this virus that we are calling a porn virus cause when you plug in your flash drive you see all of your normal folders plus dulicate folders ending with .exe....

You also see some new folders named porn.exe etc...

i used mc afee and it fails to pick up this problem....how do i fix these flash drives???
0
Comment
Question by:slingingshot15
  • 4
  • 3
  • 2
  • +2
13 Comments
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36587053
is this a fully updated version of McAfee you are running? if not you need to run another antivirus till you actually find what it is. Without knowing what virus it is it is very hard to help you solve this issue.

Try downloading Avast or Microsoft Security Essentials, both are two very good antiviruses and see if they can find the virus.

Good luck!
0
 

Author Comment

by:slingingshot15
ID: 36587064
yes it is an updated mcafee....
0
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36587082
Try with another antivirus then, preferably, boot the computer without any 3rd party software running but the antivirus and see if this helps. (run MSCONFIG and turn of all services exept the antivirus and see if that finds anything.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 36587655
You should be using flash disinfector and usb-set.  This will disinfect your USB sticks and kill any autorun files that may be used as a vector.

Use Malwarebytes or Avast! to scan your computers.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36587770
I would recommend you to go through the articles from Younghv that would help you in getting rid of it completly. In short you would need to run Rogue Killer before MalwareBytes full system scan and post the logs here if the problem persists

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36587790
Not to mention that you would also need to update the system with Microsoft windows update once you are finished cleaning the system.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 36597122
Run combofix, you need to disable Mcafee shield first so it won't eat combofix's files.


Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 

Author Comment

by:slingingshot15
ID: 36598828
this is the log file of combo fix
log.txt
0
 

Author Comment

by:slingingshot15
ID: 36598833
also will this clean flash drives too?
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36598970
CF had deleted some bad files there.
No it doesn't clean flashdrives, it only remove flash drive infections that are already in the system.

Try the flash_disinfector that tzucker posted, that removes flash drive infections also(hasn't been updated since combofix also started removing flashdrive infections) sUBs created both tools, other advantage of the Flash_disinfector is it will create bogus autorun.inf folder in each partition.
0
 

Author Comment

by:slingingshot15
ID: 36816764
thanks a lot.....one other question....in our school all we have in terms of security is mc affee antivirus....

what do you all suggest? is that anti virus good enough or should we have other software on these machines
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36895599
If McAfee is what's installed there now then I wouldn't suggest changing it till the subscription is due. Antiviruses are basically similar, some may have better detection than others but in terms of rogues none of them are effective.

If the McAfee installed is just an antivirus then you still need anti-malware unless it's a security suite.
The most effective anti-malware so far is MalwareBytes and it's cheap enough you can also get licenses for multiples machines.
http://www.malwarebytes.org/
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 36956142
I prefer ESET products myself.  I suggest to most users that they use ESET Smart Security.  Is is low maintenance, has a great admin interface, checks connected computers for windows updates as well as installing it's own firewall.  The updates are more frequent so they are smaller and in that way the ESET product takes up a lot less resources.

ESET http://www.eset.com/us/
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question