I Need Help!
-
- 4 Star Admiral
- Posts: 26014
- Joined: Fri Jul 13, 2007 10:58 pm
- Location: Poblacht na hÉireann, Baile Átha Cliath
I Need Help!
As I mentioned over in Forum Community, my laptop has been hit with a virus of some sort. Every time I connect to the internet, a .exe of some sort will try and start running. Norton, however, asks me each time whether or not I want to allow it to run, so I've been able to stop it doing anything (at least, I think I have).
Each time it tries to run, it's named something different. Names I remember off the top of my head are x68.exe, 2252.exe and F163.exe. Each time Norton says that the .exe is located in C:\Users\[Me]\AppData\Local\Temp. Looking through the folder this directed me through, I found what appears to be some sort of record of all the files I've been looking at via the internet. I ran an anti-virus check on the Temp folder twice (once when I first found the folder, a second time while the .exe was asking for permission to run), but it's turned up nothing.
So my question is this. Could I simply delete everything inside the Temp folder? Would that kill the virus, as it seems to be originating from there? Also, would deleting that stuff cause something bad to happen to my computer?
I've no idea about what the consequences of deleting all that stuff could be, since playing games, browsing the web and basic screwing around with the software is the extent of my knowledge of computers, so I'd really a response.
Each time it tries to run, it's named something different. Names I remember off the top of my head are x68.exe, 2252.exe and F163.exe. Each time Norton says that the .exe is located in C:\Users\[Me]\AppData\Local\Temp. Looking through the folder this directed me through, I found what appears to be some sort of record of all the files I've been looking at via the internet. I ran an anti-virus check on the Temp folder twice (once when I first found the folder, a second time while the .exe was asking for permission to run), but it's turned up nothing.
So my question is this. Could I simply delete everything inside the Temp folder? Would that kill the virus, as it seems to be originating from there? Also, would deleting that stuff cause something bad to happen to my computer?
I've no idea about what the consequences of deleting all that stuff could be, since playing games, browsing the web and basic screwing around with the software is the extent of my knowledge of computers, so I'd really a response.
"You've all been selected for this mission because you each have a special skill. Professor Hawking, John Leslie, Phil Neville, the Wu-Tang Clan, Usher, the Sugar Puffs Monster and Daniel Day-Lewis! Welcome to Operation MindFuck!"
-
- 3 Star Admiral
- Posts: 10654
- Joined: Tue Mar 31, 2009 10:49 pm
- Location: Jeri Ryan's Dressing Room, Shhhhh
Re: I Need Help!
Nuking a temp folder isn't a big deal. At worst you'll have to wait for something to redownload from the websites. That said it's highly unlikely that deleting that file will actually ride you of the virus. Try downloading Malwarebytes anti-malware and running that. Norton is kinda meh when it comes to dealing with just emerging viruses.
-
- 4 Star Admiral
- Posts: 26014
- Joined: Fri Jul 13, 2007 10:58 pm
- Location: Poblacht na hÉireann, Baile Átha Cliath
Re: I Need Help!
Yeah, Norton has left me thoroughly unimpressed. I guess it's a good thing I've never been hit with anything serious. I'll download that Malwarebytes thing, and see if that can help. Thanks.
Temp folder being nuked. Let's see if that does anything. I'm hoping it will. Given that the virus has consistantly asked for permission to be run, it doesn't strike me as an expert job, so maybe a simple solution will deal with it.
Temp folder being nuked. Let's see if that does anything. I'm hoping it will. Given that the virus has consistantly asked for permission to be run, it doesn't strike me as an expert job, so maybe a simple solution will deal with it.
"You've all been selected for this mission because you each have a special skill. Professor Hawking, John Leslie, Phil Neville, the Wu-Tang Clan, Usher, the Sugar Puffs Monster and Daniel Day-Lewis! Welcome to Operation MindFuck!"
Re: I Need Help!
Deleting the Temp folder will not remove the virus. The invasive spyware is likely hidden in the System Registry. Do what tyyr has suggested and download Malwarebytes. Run Norton in Safe Mode. Run Malwaybytes in Safe Mode. No networking in Safe Mode.
http://www.malwarebytes.org/
http://www.malwarebytes.org/
"Bible, Wrath of Khan, what's the difference?"
Stan - South Park
Stan - South Park
-
- 4 Star Admiral
- Posts: 26014
- Joined: Fri Jul 13, 2007 10:58 pm
- Location: Poblacht na hÉireann, Baile Átha Cliath
Re: I Need Help!
What's the difference between safe mode and....whatever the default mode is?
And what do you mean by no networking in safe mode?
And what do you mean by no networking in safe mode?
"You've all been selected for this mission because you each have a special skill. Professor Hawking, John Leslie, Phil Neville, the Wu-Tang Clan, Usher, the Sugar Puffs Monster and Daniel Day-Lewis! Welcome to Operation MindFuck!"
-
- 4 Star Admiral
- Posts: 26014
- Joined: Fri Jul 13, 2007 10:58 pm
- Location: Poblacht na hÉireann, Baile Átha Cliath
Re: I Need Help!
Alright, I have Malwarebytes downloaded and doing a full scan of the C and D drives. I also restored the stuff I'd deleted out of the Temp folder to where it previously was in case that helps the scanner find it.
Also, I've nearly two fricken gigs worth of crap in the Temp folder. Once this virus is gone, I'm just going to blitz it anyway to make some space.
Also, I've nearly two fricken gigs worth of crap in the Temp folder. Once this virus is gone, I'm just going to blitz it anyway to make some space.
"You've all been selected for this mission because you each have a special skill. Professor Hawking, John Leslie, Phil Neville, the Wu-Tang Clan, Usher, the Sugar Puffs Monster and Daniel Day-Lewis! Welcome to Operation MindFuck!"
Re: I Need Help!
Safe Mode disables all external devices except for the keyboard and mouse. Basically nothing is running except the Operating System. I added the "no networking" thing in case you are asked to make a decision what kind of Safe Mode you want to enter. With only bare-bones programs running, there is a chance that the invasive program will be idle and Norton or Malwarebyte can delete anything that is a problem.Sionnach Glic wrote:What's the difference between safe mode and....whatever the default mode is?
And what do you mean by no networking in safe mode?
To enter Safe Mode, I have to boot-up the computer and when the Dell Stuff appears, I repeatedly tap F8. I don't know what you have to do for laptops.
How can i boot my laptop in safe mode?
"Bible, Wrath of Khan, what's the difference?"
Stan - South Park
Stan - South Park
Re: I Need Help!
You might have to turn off System Restore.Sionnach Glic wrote:Alright, I have Malwarebytes downloaded and doing a full scan of the C and D drives. I also restored the stuff I'd deleted out of the Temp folder to where it previously was in case that helps the scanner find it.
Also, I've nearly two fricken gigs worth of crap in the Temp folder. Once this virus is gone, I'm just going to blitz it anyway to make some space.
"Bible, Wrath of Khan, what's the difference?"
Stan - South Park
Stan - South Park
-
- 4 Star Admiral
- Posts: 26014
- Joined: Fri Jul 13, 2007 10:58 pm
- Location: Poblacht na hÉireann, Baile Átha Cliath
Re: I Need Help!
Hm, alright. Thanks guys.
"You've all been selected for this mission because you each have a special skill. Professor Hawking, John Leslie, Phil Neville, the Wu-Tang Clan, Usher, the Sugar Puffs Monster and Daniel Day-Lewis! Welcome to Operation MindFuck!"
-
- 3 Star Admiral
- Posts: 10654
- Joined: Tue Mar 31, 2009 10:49 pm
- Location: Jeri Ryan's Dressing Room, Shhhhh
Re: I Need Help!
No problem.
Take it from someone who's had to clear out more than a few viruses. Do yourself a favor and create a hard drive partition with nothing but your OS on it. Store your programs and data in other hard drives or partitions. Then if you get a virus you nuke the OS partition and reload it. It typically takes less time to wipe the OS from a dedicated partition and reload it than it does to root out a virus.
Take it from someone who's had to clear out more than a few viruses. Do yourself a favor and create a hard drive partition with nothing but your OS on it. Store your programs and data in other hard drives or partitions. Then if you get a virus you nuke the OS partition and reload it. It typically takes less time to wipe the OS from a dedicated partition and reload it than it does to root out a virus.
Re: I Need Help!
CCleaner can get rid of a lot of that.Also, I've nearly two fricken gigs worth of crap in the Temp folder. Once this virus is gone, I'm just going to blitz it anyway to make some space.
No trees were killed in transmission of this message. However, some electrons were mildly inconvenienced.
Re: I Need Help!
CCleaner is an excellent little tool, though be sure not to download the main version, but the lean version thats buried on the website - doesnt try and instal nasty toolbars and whatnot.
"You ain't gonna get off down the trail a mile or two, and go missing your wife or something, like our last cook done, are you?"
"My wife is in hell, where I sent her. She could make good biscuits, but her behavior was terrible."
"My wife is in hell, where I sent her. She could make good biscuits, but her behavior was terrible."
Re: I Need Help!
The way around that is simple, uncheck the toolbars when you install.kostmayer wrote:CCleaner is an excellent little tool, though be sure not to download the main version, but the lean version thats buried on the website - doesnt try and instal nasty toolbars and whatnot.
No trees were killed in transmission of this message. However, some electrons were mildly inconvenienced.