Solved

Virus gone bad

Posted on 2012-08-13
Last Modified: 2013-11-22
OK, so last week my boss got a new virus. It took out all his desktop items and all his My Computer and admin programs. I took his HDD and slaved it to my PC and performed a scan with 3 different virus scanners, and they all came back OK, so I proceeded to manually look for the virus. Unfortunately I found it, so it took over my PC and I ended up losing a lot as well. I did get the file to Essentials, who found that no one had been recognizing the virus as a virus, so they immediately pushed out an update and I was able to scan, find and delete the virus. But that is not my problem. My problem is that on my boss's PC all menu items and admin programs (everything in the admin tools folder) are gone; as well, EVERY file was hidden. What I need is to get it all back. There are files listed in the Start menu, but when you open it up, for example Smart Defrag > "empty" is what I get. On my PC it also removed some items, but not to the same extent. What can I do? I would hate to have to reload two PCs. (I did try a restore to a different restore about 2 weeks back, and that had no effect.)
0
Question by:Stormyskies
9 Comments
 
LVL 28

Expert Comment

by:MacroShadow
ID: 38288684
It is very possible that the virus-imposed restrictions are still present (assuming that the virus was actually removed completely, which I seriously doubt). There are some tools out there that claim to remove restrictions; personally I use rrt (Sergiwa Antiviral Toolkit Personal 6.8.0.0). Unfortunately it is commercial software, but they do provide a free trial.
0
 
LVL 38

Accepted Solution

by:
younghv earned 750 total points
ID: 38288703
If you could be a little more specific about your symptoms and the actions you have taken, we might be able to help you a little more.

This EE Article may be exactly what you need:
Windows-XP-Vista-Recovery-rogue-Desktop-icons-missing-Empty-program-files:

These other EE Articles will give you the basic steps you need to take in almost any situation:

http://www.experts-exchange.com/A_4922.html Rogue-Killer-What-a-great-name
http://www.experts-exchange.com/A_5124.html Stop-the-Bleeding-First-Aid-for-Malware

Please attach the logs generated by any tools/scanners that you use.

**************************************************************************

One thing that you should understand clearly is that there is NEVER any reason to buy some application to clean up malware (as mentioned above). The best products for this kind of work are ALL free (but the creators do accept donations if you are so inclined).
0
 
LVL 9

Assisted Solution

by:Mike
Mike earned 750 total points
ID: 38288748
Just dealt with a similar virus this morning on a remote user's laptop. Luckily I was able to use GoToAssist to remote in, and then did a system restore to Friday.

Have you tried that?
0
 
LVL 38

Expert Comment

by:younghv
ID: 38288760
From the original post:

"(i did try a restore to a differnt restore about 2 weeks back) and that had no effect. "
0
 
LVL 28

Expert Comment

by:MacroShadow
ID: 38288900
The app I recommended is not only to cure the trouble but to prevent it; it sits in the system tray and prevents any harmful changes commonly applied by malware. For the prevention alone I think it is well worth paying for, especially since from experience I know that the chances of completely (100%) removing the virus are quite nil.
0
 
LVL 9

Expert Comment

by:bill_lynch
ID: 38289078
Have you used Malwarebytes? I recommend booting into Safe Mode on the infected PC and running that. If you've already run that program, then can you boot up into a Linux live CD and copy the files you need from the hard drive to a USB stick? You may need to re-install Windows and wipe the drive...
0
 
LVL 38

Expert Comment

by:younghv
ID: 38289156
@bill_lynch -
Malwarebytes (with one of the 'rogue process stoppers') has already been recommended.
0
 

Author Comment

by:Stormyskies
ID: 38291771
Well, I tried all of your suggestions, but unfortunately it made it worse. My system was so unresponsive I just decided to reload it anyway :( Thanks for your suggestions.
0
 
LVL 38

Expert Comment

by:younghv
ID: 38291786
@Stormyskies,

If you haven't already reloaded your OS, please post the logs as requested above.

There is no way for us to even identify the malware unless you participate and respond to our suggestions.
0
