[SGVLUG] AV Guard Virus

Dan Buthusiem dan.buthusiem at gmail.com
Fri Oct 21 15:46:03 PDT 2011


Did you manage to successfully back up your data from that drive? If
so, then I would recommend re-connecting that drive to the computer
you used for the backup, then formatting that laptop drive. That
should take care of the virus, if it's just affecting that drive.

Now, with that drive outside of your laptop, you should still be able
to successfully POST and boot your laptop with removable drives
(optical disk, flash, usb hdd, etc). If you can boot without that
drive connected, at least you can narrow your boot issues to being
something with that hard drive. I troubleshot a laptop a few months
ago that couldn't always boot from anything until I removed the hard
drive. After a quick trip to Fry's for a new disk and a long stop at
Wendy's to reload the OS, problem solved.

If you haven't solved it by then, I should have time to poke at it at
BC after our next meeting.


On Fri, Oct 21, 2011 at 10:17, Harold Totten <haroldtotten at gmail.com> wrote:
> Have you used AVG or other rescue disk?
> Harold
>
>
> On Tue, Oct 18, 2011 at 7:52 PM, juanslayton @dslextreme.com
> <juanslayton at dslextreme.com> wrote:
>>
>> Could use a little advice myself; apologies for the length of the comment.
>>
>> On Tuesday, October 4, I used my Linux machine (Fedora 13 or 14) for
>> various things, including bumbling around the suspect site (which I will
>> refrain from naming).  Closed down the machine in good condition, and drove
>> to Arizona the next day.
>>
>> Used Mom's computer (Windows XP) for various things, including visiting
>> the suspect site and using a link there to forward material to a friend in
>> Stockton (also running Windows).  Left the machine running for a while, and
>> when I came back, found the screen frozen.  Rebooted manually and found a
>> display "AV Guard," purporting to be an anti-virus program that had
>> identified malware on our system that it could remove (for a fee).  Of
>> course, AV Guard is itself a virus.
>>
>> And a fairly sophisticated one, I should say.  It not only blocked
>> anti-virus programming resident in the computer; it also redirected my
>> attempts to download anti-malware on line.  It repeatedly froze the machine,
>> until ultimately it simply refused to boot at all.  No response to the power
>> switch, just a blinking green LED on the power supply.  We sent that machine
>> back to the store; I haven't yet heard the outcome.
>>
>> Of course we called our friends in Stockton and warned them not to
>> download our e-mail.  Too late, they were already dealing with the AV
>> Guard.  After our warning, they took it to a local pro, who removed it for
>> about $45.  Well, those were Windows machines, we expect that kind of
>> vulnerability from Redmond.  I run Linux, should have little to worry about.
>>
>> Guess again.  Drove back to Azusa, got home Friday night.  And my Linux
>> box, which was working perfectly when I shut it down on Tuesday, refused to
>> boot.  It would spin up for a few seconds, then immediately shut down,
>> before even getting a screen display.  It would not boot with installation
>> disks from Slackware, Ubuntu, or Fedora.  Would not boot with live Fedora.
>> Tried to boot with live Ubuntu and managed to get a few lines of text before
>> the screen froze.
>>
>> So I pulled the hard drive (this was on my laptop), stuck it in my
>> desktop, saved important files on a memory stick, and did a clean
>> installation of Ubuntu.  Put the hard drive back into the laptop and tried
>> to boot.  No luck.
>>
>> I'm left with 3 questions:
>> 1)  How can this virus hose the BIOS so one machine will not boot, and
>> another appears to have a failed power supply?
>> 2)  Is there any way to revive my laptop, short of replacing the
>> motherboard?
>> 3)  Any of you guys need a nearly new battery for an Acer Extensa 1000?
>
>
>
> --
> "poverty is violence against the oppressed"
>
> Harold Totten
> http://www.HaroldTotten.com
> Tujunga, California
>
>
>

