38
cors
8y

Yesterday, my girlfriend caught a virus. There were 5+ running programs, in Program Files, Program Files x86, System32, basically everywhere. The virus modified Chrome, Firefox and Edge (and even installed a false UC Browser, assuming we had one). There are many entries in the startup programs and also running daemons; once you kill one of them, the others detect it and replicate their killed fellows. I tried to run a Linux live USB disk for a cleanup, but the computer hibernates instead of shutting down, making modifications on disk risky.

I spent hours trying to suppress the processes, do a manual cleanup and antivirus search. It looked all cleaned up, then I reinstalled Chrome, and now it switches its homepage every time I open it. It also injects batch arguments into the desktop link for Chrome (deleting it manually does not help, it comes back). I'm a Linux guy, and in a few hours, I hated Windows more than ever.

If anybody knows the authors, I *really* want to meet them. I promise I'm not going to punch them, but kneel down, bow my head in respect, and say "teach me master."

Comments
  • 4
    Try the Sysinternals suite.
  • 3
    Use offline recovery with the Windows PE to clear the auto loaders out.

    If you have Windows 10 AE you can also run an offline virus scan to try clearing them out.
  • 18
    Nuke it from orbit, only way to be sure.
  • 0
    @pixeltherapy Exactly what I was gonna say. Except nuke it with fire from orbit.
  • 0
    oh and also try safe mode.
  • 2
    autoruns.exe is indeed pretty brutal for killing whatever process/startupsetting/... you like. Not from sysinternals, but also very good for "infections" of all kinds: adwcleaner.exe @Gowtham95india
  • 7
    Install Linux for her. No offence, but some people just can't use a computer for more than 5 minutes without getting any viruses. Personal experience, much easier to deal with my mother and 2 sisters ever since I installed Linux everywhere in the house...
  • 2
    @antoni4040 yeah, at every little problem, she is forced to listen to me brag about how this wouldn't have happened in linux anyway :D Unfortunately, she needs windows for work.
  • 0
    @cors Good luck then. You'll need it... 😜
  • 2
    @cors are you sure she does? try running the software in wine, might still save you lots of time
  • 2
    Check out TronScript. Boot into safe mode and run as admin. https://Reddit.com/r/tronscript :)
  • 0
    authors: Bill Gates
  • 0
    If I see a slight symptom of virus on my pc, it takes me five minutes to decide to reinstall Windows. I've realised I cannot outsmart those virus-designers one bit, if they inject.

    Yeah, yeah. Linux at work, Windows at home. Blames the games.
  • 0
    taskkill /f /fi "status eq running"