My Mom got a virus... RIP

[ohJey]

So she downloaded a ZIP file from a email and installed it.  She said she was expecting a shipping label for something she sold, but why would they send a label as a .zip?  

 

So yeah.. I tried scanning it in safe mode and it kept spreading as a deleted it over and over.  Eventually it ended up deleting some boot files and her computer would no longer boot.

 

I put the drive in my computer and started backing up her data onto our network storage.  But then... BOOM!  Windows defender detects a virus D:

 

I hopped on the internet real quick and figured out the virus really likes infecting temporary files first.  So I deleted all temp files and downloaded avast and malwarebytes and scanned as fast as I could.

 

I'm glad to say my computer has lived and I checked the registry and other common locations and it is 100% gone.

 

 

 

TL;DR:

SOOOOooo moral of the story is teach your parents how to use email properly and how to tell scams from real emails.

 

Also.. I'm installing Linux Mint on her laptop because I convinced her that it would be better for what she does, YAY!

[simtransporter]

Well done, removing viruses is pretty much always a massive pain.  I agree with what you said at the end of your post, I think educating people on this subject is really important as it enables them to prevent all sorts of things such as phishing scams and malware in the future.

[Toxic Tom]

How did you manage to get it on your computer too?

[Nickolas47]

I said thank god that my mother doesnt even know how to turn on a pc

[werto165]

And why exactly did you quote the OP and not post anything in your reply?

Can we use -snip please, it too much effort to scroll after a long post. #FirstWorldProblems.

[ohJey]

I said thank god that my mother doesnt even know how to turn on a pc

lol

[ohJey]

How did you manage to get it on your computer too?

I was transferring her files to the NAS using my computer

[Tech_Dreamer]

Woah! you scared me there! when you said your mom got a virus! :lol:

[ohJey]

Woah! you scared me there! when you said your mom got a virus! :lol:

[atrash]

Nice bait title you got there... :lol:

[Toxic Tom]

I was transferring her files to the NAS using my computer

How does that give you a virus?

[Tech_Dreamer]

Sorry bro , couldn't resist!

I'd reccommend you cleaning your mbr as well to remove final trace as well .

[ohJey]

How does that give you a virus?

I have no idea. I only dragged the files from her drive to the NAS. Now that I think about it, maybe it was just detecting the virus on the drive? I dunno

Sorry bro , couldn't resist!

I'd reccommend you cleaning your mbr as well to remove final trace as well .

Yeah that's what I heard I should do, I make sure to do it

[Toxic Tom]

I have no idea.  I only dragged the files from her drive to the NAS.  Now that I think about it, maybe it was just detecting the virus on the drive?  I dunno

Yeah I guess it could have been that.

[GloriousPain]

I'd give her an antivirus because if she's that "non tech savvy" you could run into even more future issues... https://help.ubuntu.com/community/Antivirus just gonna leave that there (yes I know it's a different distro but those points still apply)

[GoodBytes]

So she downloaded a ZIP file from a email and installed it.  She said she was expecting a shipping label for something she sold, but why would they send a label as a .zip?  

 

So yeah.. I tried scanning it in safe mode and it kept spreading as a deleted it over and over.  Eventually it ended up deleting some boot files and her computer would no longer boot.

 

I put the drive in my computer and started backing up her data onto our network storage.  But then... BOOM!  Windows defender detects a virus D:

 

I hopped on the internet real quick and figured out the virus really likes infecting temporary files first.  So I deleted all temp files and downloaded avast and malwarebytes and scanned as fast as I could.

 

I'm glad to say my computer has lived and I checked the registry and other common locations and it is 100% gone.

 

 

 

TL;DR:

SOOOOooo moral of the story is teach your parents how to use email properly and how to tell scams from real emails.

 

Also.. I'm installing Linux Mint on her laptop because I convinced her that it would be better for what she does, YAY!

First question is why is she Admin? You don't run Linux as root the same way you don't run Windows, a user that isn't deeply knowledgeable in computers, as admin either.

[ohJey]

First question is why is she Admin? You don't run Linux as root the same way you don't run Windows, a user that isn't deeply knowledgeable in computers, as admin either.

Very true, but I didn't take the time to think about that before hand.

[GoodBytes]

Very true, but I didn't take the time to think about that before hand.

Anyway.

You can bring back the system back in time. Simply boot from Windows 7 disk, click on Repair on the screen where you are greeted with the Install button.

Then click on System Restore option, and a couple of seconds the wizard will show, and start doing a startup repair check. Cancel that, and then you'll be given the option to bring back the system back in time. Pick a restore point before the virus infection, and voila. In a few minutes, the system will no longer have the virus, and restore back the way it was. Once done, make sure the zip file is not on the system (as it doesn't affect personal files).

If that fails:

Re-installing Windows 7 via a USB key should take about 7min (depends on the system speed and USB key).

Download SP1 before hand, and install it when Windows 7 is installed and the drivers are installed, that will save you a bunch of updates to do.

Do the remaining ones. And install the software she uses at the same time, and off you go you are done.

[ohJey]

Anyway.

You can bring back the system back in time. Simply boot from Windows 7 disk, click on Repair on the screen where you are greeted with the Install button.

Then click on System Restore option, and a couple of seconds the wizard will show, and start doing a startup repair check. Cancel that, and then you'll be given the option to bring back the system back in time. Pick a restore point before the virus infection, and voila. In a few minutes, the system will no longer have the virus, and restore back the way it was. Once done, make sure the zip file is not on the system (as it doesn't affect personal files).

If that fails:

Re-installing Windows 7 via a USB key should take about 7min (depends on the system speed and USB key).

Download SP1 before hand, and install it when Windows 7 is installed and the drivers, and installed, that will save you a bunch of updates to do.

Do the remaining ones. And install the software she uses at the same time, and off you go you are done.

okay thanks for the tips

[jbr]

Brad_Pitt_Nude.EXE FTW!

[SkilledRebuilds]

Happy I have a 4TB set aside for selected client's "System image" backups.

If anything goes wrong, image is restored and pre restored documents are backed up.

 

Saves me so much time hunting down nasties....

[EmotionalSloth]

I never got a virus, so I never had to worry about that stuff

And my parents use mac, so don't have to worry about that either...

[steffen_anywhere]

Woah! you scared me there! when you said your mom got a virus! :lol:

 

Ah hah haaahhh...

[JAW96]

after reading this I just felt the need to do a overnight boot-time scan, didn't find anything besides some corrupted files

[Leonard]

Nice bait title you got there... :lol:

:lol: Yeah i was thinking something else too  :lol: