Hard Drive Failure Warning/Windows Recovery Virus - Geeks to Go Forums

Jump to content

Log in Register Register Malware removal guide How it works

Hard Drive Failure Warning/Windows Recovery Virus desktop completely hijacked

#1 idon

  • Group: Member
  • Posts: 21
  • Joined: 29-October 08

Posted 28 May 2011 - 04:31 AM

started my computer, went to yahoo mail to delete spam, computer seemed slow then popped up a window saying critical error hard drive failure, then another window popped up supposedly from my vista recovery program did a fake scan and said my computer was severely infected with multiple issues and my hard drive was compromised and 33% data was unreadable. i rebooted and then it hijacked my entire screen, no icons showed up and continual warnings commenced stating my computer was infected and hard drive was now 39% unreadable. GAWD i hate people who make these programs!!!!

Please help and oh yeah a new warning came up saying windows was unable to save all the data for the file \\System32\\496A8300.The data has been lost.This error may be caused by a failure of your computer hardware.

#2 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,511
  • Joined: 31-May 06

Posted 28 May 2011 - 06:26 AM

Hi there I have three programmes for you to run. The first will restore your files and folders, the second will disable the malware and the final one will let me see where it is hiding

Download Unhide.exe to your desktop and run

THEN

Download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 1 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next Reply.

FINALLY

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post both logs

#3 Essexboy

  • Group: GeekU Moderator
  • Posts: 55,511
  • Joined: 31-May 06

Posted 01 June 2011 - 01:46 PM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this topic:


Page 1 of 1