Spok, WA Little Help?

Sometime Saturday night or Sunday morning, my computer caught a virus. Nasty one too. Can't run any commands, even as Administrator, and it disabled all my anti-virus functions.

So I'm going to have to count this computer as a total loss. All my gaming stuff, videos, pictures, games, etc, all gone.

My question is this. Since the virus is on my harddrive, is that the only piece of equipment I'm going to have to replace? Anyone know?

 

Yes, the hard drive is all that you will need.
Also, once you have your new drive with new os and new virus software, you can connect that other harddrive up again as an external drive. Just don't open anything on it and run that virus program on that drive. You should be able to at least copy all of your images, videos, text, pdfs. Just don't touch any programs or MS office files. If the virus program didn't detect something in one of those it could still be trouble if you open it. As long as you don't, you're fine.

 

I don't think I'll be doing that. I've never seen a virus so vicious. Here's what it did:

It blocked my anti-virus scan by getting it stuck on one particular file for over four hours. The scan won't move past it, so it isn't detecting the virus.

The online tools worked for a while, they at least were able to scan the virus (which had infected almost every file in my OS within a day) but unable to launch any removal tools.

Anything that connected to the internet led to a phishing site that demanded payment to run a scan for viruses. Any windows that were opened that were anti-virus or virus removal tools were automatically closed each time.

As it infected the system, it began removing drivers, files, updates, etc, and kept popping up notifications to click to update those files it had deleted.

It also blocked all the basic DOS commands that I tried to remove Windows (which was infected) from my harddrive in order to completely reload it. By blocked I mean it denied me access everytime I tried to remove those files, or move them to a different drive.

It took over admin rights as well, and anything I opened that required those rights was also immediately closed.

My friend Chad thinks he can fix the system, but I'm not so sure. I know of one other person who's had this virus, and they were forced to buy a new harddrive as well.

 

I would do as Cheeser suggests, get a new hard drive and then a SATA to USB conversion kit to try and save what's left on the old drive. Hopefully the virus only attacked your OS files and not your media files, so recovery should be okay. Just run every file you copy back over with your anti-virus.

 

I had a similar situation and I was able to fix it by downloading a great free spyware. It is called Spybot. It is the best. It only asks for donations in return. It is free to download and it should be able to remove the virus for you.

 

Spybot is one of my favorite, so is AG3. But both start the scan, and get stuck on the one file the virus has put up to block them. Even McAfee and Norton get stuck. We're thinking that the virus has also messed with the BIOS, seeing as how I can usually uninstall Windows from the boot disk I insert, and the computer won't recognize the disk anymore, and just boots up as if it weren't there.

Safe mode isn't working either. It will load up the correct way, but the screen size is bigger than the display on my screen, so I end up looking at the middle of the task bar at the bottom, and resizing the display has no effect.

 

See if you can run MalwareBytes before you go formatting your drive.. It seems to be able to grab anything you throw at it.

Also, why buy a new drive? Just wipe the one you've got and reinstall Windows over it.

I'm planning on being at the meeting on Saturday, so if you're there we can talk about it more (provided you haven't already taken care of it).

 

I haven't tried MalwareBytes yet. Might do that tonight.

Wiping the harddrive may not be enough. They way you can start to really wipe the harddrive is to reformat it about 73 times. It's what the government does to the computers they sell back to the public. But it is still no guarantee that that information can't be recovered. Since the data stored on the harddrive is just sitting there, waiting to be overwritten by other data, it is possible to hide something on a harddrive and have it brought back up later. All it needs is the proper pathways to assemble all of the seperated data, and the virus is back. Super improbable, yes, but not impossible. I don't even want to deal with this virus again, and because it's deleting my files, I think it's trying to hide itself in case I format the drive, and I'm worried that it will make a comeback.

The best precaution is for me to completely destroy the harddrive with a hammer, and buy a new one.

 

Actually there is formating software that has multiple options such as write zeros, write alternating zeros and ones, and write zeros, then ones, then zeros again.

 

Yes, I actually learned about that last night at my Men's Bible Study. If reformatting doesn't work, that's the next step before buying a new one. But that software is hard to come by, and exsists in disk format only because of the program type. It reformats right from the disk at start up.

I'm supposed to be getting one of the disks next week.

But again, the only real option to completely wipe the harddrive is with a hammer.

 

Spybot did it. Awesome! Thanks Darth Thadius!

 

Hooray, saved by the internets!

 

In my experience, Malwarebytes Anti-Malware is far superior to Spybot.

 

Hmm. I may need their service.
Been having a similar, though less agressive, experience. Could be because I rarely use my laptop. But it has been stopping my McAfee at some "servicepak/Uninstall" folder and will not scan past it no matter how much time I give it. Then it freezes up everything and I have to do a hard shutdown. The last successful scan I was able to run was on 09/20/09.

How exactly did you get the spybot stuff?
I'm going to give it a shot, but it sounds like your first attempt wasn't too successful. Just in case I wind up going down the exact same path, I could use any advice that you've got.
Danations= Within-My-Budget is a bonus.
Thanks.

 

Spybot is free: Spybot search and destroy

 

The install and set up of spybot wasn't easy. The virus kept shutting down the pop up screens so I had to try about ten times just to get the install window to stay open. But keep trying, that's your best shot.