Copying 2009LT Program Files

[gsksun4]

I might have to reinstall autocad because of a virus alert. I don't want to have to redo my settings and macros masde for my toolbars or my workspace. I've already copied my program files folder to a cd. Can I just ovwerwrite reinstall program files folder to get my settings back?

Glenn

2009LT

[ReMark]

Are you wiping the whole drive and reinstalling all programs?

 

Where did you see this virus alert? Was it within AutoCAD itself?

 

AutoCAD and Viruses

 

http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=12903754&linkID=9240617

[gsksun4]

Are you wiping the whole drive and reinstalling all programs?

 

Where did you see this virus alert? Was it within AutoCAD itself?

 

AutoCAD and Viruses

 

http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=12903754&linkID=9240617

 

No, not in AutoCad. I googled something and a hack virus protection program popped up and said there were 12 virus' on my hard drive. I like an idiot clicked on remove and a window came up to buy this piece of garbage. I know better now since IT said when I hit remove, the software probably embedded into my hard drive. They're running a search and remove program as we speak. The virus program that created this mess is callled Security Master AV. IT said they might not be able to find it, and will try Spybot after the search program is exhausted. I also have a window open on my screen taking up 1/4 of my screen I can't get rid of and it's blocking things. It's a warning window saying "Warning, Identity theft attempt detected". It also has a prevent attack button I will not touch. I think they have me by the short hairs.

They also said they might have to redo my hard drive. That means everything reloaded and customized. Not a pretty picture. I went through a lot customizing my cad.

[ReMark]

Your IT department is on the right track. Find and destroy the virus should always be the first step. Only reformat the drive after exhausting all other possibilites. Note that while you can copy all your customizations there are many system variables that are stored in the Windows Registry and not with a drawing. You would lose those settings. I think you can obtain a printout of all of them however.

[gsksun4]

So, I can download the program files I put on the CD and that will retain my customized tool bars?

BTW, the IT guy doesn't think that there's a virus per say, he said that warning is a ploy to buy their software. It only said 12 virus' on my HD, none of the other drives I have access to, about 4, were listed.He wants to find whatever was downloaded and remove it. That will probably get rid of this window open on my screen that won't go away. We already went into remove programs, but didn't see this Security Master AV listed.

[ReMark]

If you do have it there are removal tools available.

 

Only 12? That's really unthinkable. There should be zero. Obviously you have not practiced safe computing habits.

 

I'd hold off doing anything at the moment and see what your IT guy comes up with. If he doesn't find anything or he does and removes it let this be a lesson to you. Create a CD with all your customizations on it and look into getting that list of system variable settings. You could probably write a script file that you could run once to reset your variables.

[gsksun4]

If you do have it there are removal tools available.

 

Only 12? That's really unthinkable. There should be zero. Obviously you have not practiced safe computing habits.

 

I'd hold off doing anything at the moment and see what your IT guy comes up with. If he doesn't find anything or he does and removes it let this be a lesson to you. Create a CD with all your customizations on it and look into getting that list of system variable settings. You could probably write a script file that you could run once to reset your variables.

 

Yes, I have to learn the hard way I guess. Thanks for the input ReMark, I'll keep you posted.

BTW I'm watching this Full Scan tool and it did find a "sm5b7f_2137.exe" Virus Doctor. That sm probably means Security Master, and it's an executable file, so that might be what IT is looking for. I'll keep my fingers crossed.

[ReMark]

I hope it all goes well for you and no reformat is required. Expect a slap upside the head from the IT guy though. You deserve one. Be more careful in the future. Good luck.

[gsksun4]

I hope it all goes well for you and no reformat is required. Expect a slap upside the head from the IT guy though. You deserve one. Be more careful in the future. Good luck.

 

Thanks, the IT guy is a friend and can be bought off with a bag of pretzels.

[gsksun4]

Update: ReMark, IT downloaded Malwarebytes and ran the program. Found it and deleted it. I got lucky. Lesson learned. Thanks again for you input.

Glenn

[ReMark]

Survived another crisis I see. You're one lucky dude! How many lives does your cat have left now? Three?

[gsksun4]

Survived another crisis I see. You're one lucky dude! How many lives does your cat have left now? Three?

 

Not sure about that cat, but I'm a firm believer in what doesn't kill us, only makes us stronger. I just get tired of testing that theory.

Have a good day friend.

Glenn

[dbroada]

on a related note I recently got hit by a virus. I have avast anti virus & commodo firewall (both free). I was doing something and up popped (what looked like) a Windows security update. Being busy, and as I don't run windows security, I rather stupidly clicked the "update" button. Now comes the REALLY stupid bit. My firewall says "do you want xxxx to access yyyyyy?". It took about 3 OKs before I read what was being asked and I hit "stop all internet traffic". Meanwhile, the fake windows message had taken me to a "buy our wares" anti virus page and the virus had stolen Firefox from me!

 

Once the virus had taken hold it grabbed all exe programs in turn and associated itself to them. It was a real pain to get rid of and sent me into the regestry deleting everthing that look like it. Fortunately we have two computers at home and I could use the other one to get instructions and patches to get me up and running.

 

When I got to work and asked our IT department, they had heard of this virus (not really a virus but behaves the same way) and it is a known pig to shift. I was lucky! My biggest problem was that once I had removed it I still couldn't get on to the internet. Eventually I looked at my firewall settings and realised I still had "stop all internet activity" selected.