Thursday, February 10, 2011

Gotcha of the Day: Running a virus scan on an infected computer

One of my laptops is having virus issues again. This time, it was running an up to date version of Norton, yet I still managed to get one of these Fake Virus Checker virus on my laptop. Nasty little sucker.

I was proud of myself for booting into Safe Mode and running Norton there. Unfortunately, it didn't detect the problem.

This left me in a tight spot: I can boot into Safe Mode, but can't detect the virus. I can boot into regular mode, yet can't depend on the machine to run a valid virus check.

I actually found two solutions to this conundrum:

  • Norton comes with a tool: Norton Bootable Recovery Tool. I ran this tool on my laptop that was properly functioning*, and it created an up to date boot disk that I could boot my infected laptop with. Using the boot disk, I was able to run a virus scan.
  • BloopingComputer.com has step by step instructions for manually removing these fake virus programs. The instructions look sound: they have you boot into Safe Mode with Networking and manually disable the proxy server that the virus installed in the background.

For now, I'm going down the path of the first solution. The boot disk setup has scanned 1,240,633 files so far (it's been about 6 hours, and it's still going strong) and has found Trojan.Gen. It hasn't attempted to fix the problem yet, but I'm fairly optimistic that it's going to clean up my little mess.

If not, I've got Plan B ready to go.

Plan C, by the way, is to just buy a new friggin laptop, and install Linux over the infected one.

1 comment:

  1. Anonymous1:52 PM

    I found Malware Bytes' Anti-Malware program to be effective when I had a similar problem...

    ReplyDelete