95% sure I have a virus, please help

[jasong]

I thought I was smart. I thought,"No way I'm stupid enough to install a virus on my computer." Guess what? Wrong, wrong, wrong.

This file had my grandmother's name on it, AND it had her email address. The reason I know it's a virus(the computer's off, btw) is that when I clicked on it, even though it didn't open, I saw a sentence describing a porn act that was supposedly in the video. It didn't dawn on me until too late what facedance was supposed to mean.

I don't want to allow it to spread, so I'm asking for recommendations on a LiveCD, preferably something less than 100MB that I can use to rid my computer of this crap.

Edit: Additionally, what the F-key to press to get the computer to ask me what to boot from? When I first turn it on, I mean. I don't want it booting to the point where it can access the Internet.(I should probably go unplug that right now, before I forget)

[paulunderwood]

You have a virus scanner that is upto date? Boot the box and press [F8] immeditialy as windows boots and go into "safe mode", run the virus checker and any other cleanup software. Reboot. HTH

Maybe turn on active email scanning too...

[retina]

Quote:

Originally Posted by jasong

This file had my grandmother's name on it, AND it had her email address.

Ah, the social engineering attack. Let me guess, your grandmothers email is also her name?

Quote:

Originally Posted by jasong

Additionally, what the F-key to press to get the computer to ask me what to boot from? When I first turn it on, I mean.

Depends on your mother-board. Some use F2, others uses F10, but most use DEL.

[drake2]

Booting into safe mode to attempt to remove malware is not a good idea. Some of the newer malware takes that into account and can use particularly effective methods to load and run in safe mode. It is a much better idea to remove the drive and scan it in another computer with up to date virus and spyware scanners.

[jasong]

Quote:

Originally Posted by retina

Ah, the social engineering attack. Let me guess, your grandmothers email is also her name?Depends on your mother-board. Some use F2, others uses F10, but most use DEL.

Yeah, her email is her name. I'd never really thought about that until now.

Anyway, sorry about the late response. I wanted to run my Virus Scan program before I did anything else.

I have no idea if I ever had a virus. My guess is I did, since I don't think my grandmother would send me a porn file, not even accidentally. I used system restore before I even scanned my computer, my thought being that it could be a virus that my virus program wasn't aware of, so whether it found a virus or not, I was going to use System Restore either way.

Thanks for the help guys.

[paulunderwood]

Quote:

Originally Posted by drake2

Booting into safe mode to attempt to remove malware is not a good idea. Some of the newer malware takes that into account and can use particularly effective methods to load and run in safe mode. It is a much better idea to remove the drive and scan it in another computer with up to date virus and spyware scanners.

A good point. An alternative to getting the screw driver out, is to use the Ultimate Bood CD -- although this does not have bang-up-to-date virus definitions; I wonder if there are (free) virus/spyware/adware/malware scanning live CDs out there that do.

[markr]

Quote:

Originally Posted by jasong

I have no idea if I ever had a virus. My guess is I did, since I don't think my grandmother would send me a porn file, not even accidentally.

It is possible your computer has a virus now; it may even have had one before. Maybe. But I think it is more likely that there is a virus either on your grandmother's computer or on another computer somewhere that has your grandmother's & your email addresses in its files. Either way, you should let your grandmother know to check her computer is clean & its anti-virus is up-to-date, or do it for her if she's not sure how.

[jasong]

Quote:

Originally Posted by markr

It is possible your computer has a virus now; it may even have had one before. Maybe. But I think it is more likely that there is a virus either on your grandmother's computer or on another computer somewhere that has your grandmother's & your email addresses in its files. Either way, you should let your grandmother know to check her computer is clean & its anti-virus is up-to-date, or do it for her if she's not sure how.

In that case, I still need a Live-CD.

Btw, I went to the "Ultimate Boot CD" web page, but the layout confused me. What should I click on to get the ISO? Are they, in fact, giving out a Live-CD.

[paulunderwood]

On the download page You have the choice of 3 for the "basic" (all you need) version:

1) iso image
2) self extracting zip which unzips to an iso image
3) zip file that needs an unzipping program to get the iso image

(Run md5sum on your file and check the given hashes match -- this can be done from the DOS prompt. For simplicity say your ISO image is on the C: drive in a folder called UBCD_download then you run:
md5sum c:\UBCD_download\name_of_down_load_here.zip
(or .exe or .iso))

With your CD burning software you need to use the special feature called "burning an iso" (not ordinary data copy) to make a bootable CD

Next in BIOS you may have alter the boot precedence to get the CD to boot before the harddisk(s) -- on some boards there is a magic button to press to get the CD to boot before the harddrive when you switch the computer on so you need not go into BIOS.

Be very careful using the Ultimate Boot CD so as not to destroy your system -- carefully select the feature you need i.e. virus checker(s)

HTH

I saw somewhere a up-todate virus checker called "Bart" but the process looked quite involved.