Solved

How to get rid of this virus

Posted on 2011-09-23
13
1,659 Views
Last Modified: 2013-12-09
Hi in my school we recently get this virus that we are calling a porn virus cause when you plug in your flash drive you see all of your normal folders plus dulicate folders ending with .exe....

You also see some new folders named porn.exe etc...

i used mc afee and it fails to pick up this problem....how do i fix these flash drives???
0
Comment
Question by:slingingshot15
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
13 Comments
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36587053
is this a fully updated version of McAfee you are running? if not you need to run another antivirus till you actually find what it is. Without knowing what virus it is it is very hard to help you solve this issue.

Try downloading Avast or Microsoft Security Essentials, both are two very good antiviruses and see if they can find the virus.

Good luck!
0
 

Author Comment

by:slingingshot15
ID: 36587064
yes it is an updated mcafee....
0
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36587082
Try with another antivirus then, preferably, boot the computer without any 3rd party software running but the antivirus and see if this helps. (run MSCONFIG and turn of all services exept the antivirus and see if that finds anything.
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 36587655
You should be using flash disinfector and usb-set.  This will disinfect your USB sticks and kill any autorun files that may be used as a vector.

Use Malwarebytes or Avast! to scan your computers.
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 36587770
I would recommend you to go through the articles from Younghv that would help you in getting rid of it completly. In short you would need to run Rogue Killer before MalwareBytes full system scan and post the logs here if the problem persists

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 36587790
Not to mention that you would also need to update the system with Microsoft windows update once you are finished cleaning the system.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
ID: 36597122
Run combofix, you need to disable Mcafee shield first so it won't eat combofix's files.


Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 

Author Comment

by:slingingshot15
ID: 36598828
this is the log file of combo fix
log.txt
0
 

Author Comment

by:slingingshot15
ID: 36598833
also will this clean flash drives too?
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36598970
CF had deleted some bad files there.
No it doesn't clean flashdrives, it only remove flash drive infections that are already in the system.

Try the flash_disinfector that tzucker posted, that removes flash drive infections also(hasn't been updated since combofix also started removing flashdrive infections) sUBs created both tools, other advantage of the Flash_disinfector is it will create bogus autorun.inf folder in each partition.
0
 

Author Comment

by:slingingshot15
ID: 36816764
thanks a lot.....one other question....in our school all we have in terms of security is mc affee antivirus....

what do you all suggest? is that anti virus good enough or should we have other software on these machines
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 36895599
If McAfee is what's installed there now then I wouldn't suggest changing it till the subscription is due. Antiviruses are basically similar, some may have better detection than others but in terms of rogues none of them are effective.

If the McAfee installed is just an antivirus then you still need anti-malware unless it's a security suite.
The most effective anti-malware so far is MalwareBytes and it's cheap enough you can also get licenses for multiples machines.
http://www.malwarebytes.org/
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 36956142
I prefer ESET products myself.  I suggest to most users that they use ESET Smart Security.  Is is low maintenance, has a great admin interface, checks connected computers for windows updates as well as installing it's own firewall.  The updates are more frequent so they are smaller and in that way the ESET product takes up a lot less resources.

ESET http://www.eset.com/us/
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
iOS vulnerability (9.3.5) 5 102
ransomware virus 21 135
Ransomware attacks 5 134
What to look for in Fraud Protection Solutions  PoC 1 92
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question