ENTIRE HDD Erased!

[z3r010]

   Warning

Ok no more arguing or I'll start handing infractions out.

 

[gregrocker]

Sounds like it is "hiding" in memory or in the MBR which is NOT affected by format commands unless specified to do so.

Regards,
GEWB

Spybot run from Safe Mode will actually restart to somehow get to whatever it detects hiding in the memory.

Very cool Worth one-milllllllllllion dollars.

 

[Tepid]

Sounds like it is "hiding" in memory or in the MBR which is NOT affected by format commands unless specified to do so.

Regards,
GEWB

Spybot run from Safe Mode will actually restart to somehow get to whatever it detects hiding in the memory.

Very cool Worth one-milllllllllllion dollars.

Spybot is not just scanning memory, and I don't think (but don't know) if it even touches the MBR.

On restart, it takes over as soon as possible to scan the drive before any files can get locked and become in use, so what it finds it can delete.

 

[MacGyvr]

Sounds like it is "hiding" in memory or in the MBR which is NOT affected by format commands unless specified to do so.

Regards,
GEWB

Spybot run from Safe Mode will actually restart to somehow get to whatever it detects hiding in the memory.

Very cool Worth one-milllllllllllion dollars.

Spybot is not just scanning memory, and I don't think (but don't know) if it even touches the MBR.

On restart, it takes over as soon as possible to scan the drive before any files can get locked and become in use, so what it finds it can delete.

I think all this is a moot point. The OP is reinfecting the system himself. It's not "hiding" somewhere.

 

[Lee]

After reading through about 80% of the recommendations here it would appear that the OP is a little hard headed or just doesn't get the big picture.

Now I realize he is doing all he can to save all his information, albeit at this point it is only causing him problems, hence, the files are corrupted; so he needs to bit the bullet and start over. This is a lesson learned as to the necessity of backing up your files, keep UAC active, and ensure you have a good AV installed and activated.

In fact this "Thread should be used to demonstrate the importance of backing up your system, and ensuring that all your files should be placed on some form of external media."

 

[Zidane24]

After reading through about 80% of the recommendations here it would appear that the OP is a little hard headed or just doesn't get the big picture.

Now I realize he is doing all he can to save all his information, albeit at this point it is only causing him problems, hence, the files are corrupted; so he needs to bit the bullet and start over. This is a lesson learned as to the necessity of backing up your files, keep UAC active, and ensure you have a good AV installed and activated.

In fact this "Thread should be used to demonstrate the importance of backing up your system, and ensuring that all your files should be placed on some form of external media."

May I also add that the theories of where the virus keeps appearing from are extremely rare cases...

I have never ever saw a "memory virus" in action...and I have been in the computing business since I was 7 so...13 years now

Will it happen in the future? Probably but right now this is just a little "off base"

 

[Lee]

Zidance24, yes you may add, that is great advice.

 

[Hakon]

uac is meant to make the dumb stop and think before they proceed.

I am done with this.

Keep your ignorance, I have no desire for it.

~Lordbob

+1

[edit: sorry, just saw the "no more arguing post" when i checked next page]

- Hakon

 

[karthurk]

The irony is that after I low leveled formatted, (all my data and projects are now on my MacOS X partition/installation) I installed W7 again, I installed everything that I usually install, UAC, turned down to minimum, AVG Free Antivirus, and the system is TROUBLE FREE, it s been a week now ..... I am going to keep it there for a few weeks there and see if it gets infected or smt...

 

[chrysalis]

something doesnt seem quite right here.

the only way I know a computer can get affected whilst its idle is if there is a remote exploit through open network ports. So the question is, is this a machine behind NAT? if not get that firewall enabled on the router.

In such a scenario UAC may not save the user.

Generally speaking this is the ideal scenario.

PC behind a NAT or firewall enabled router.
Run as limited user account.
Enable software restriction policy.
Scan http/email/IM traffic for viruses.
Restrict activex
Install a security hosts file
Use an adblocker, as a side affect they tend to block various drive by viruses.
Restrict flash, even IE8 can now have the feature to enable flash per website.
Install spywareblaster
If possible use firefox, opera or chrome instead of IE but not necessary if done all the other stuff anyway.

In such a configuration the machine would very unlikely get a successful infection.

 

[Zidane24]

The irony is that after I low leveled formatted, (all my data and projects are now on my MacOS X partition/installation) I installed W7 again, I installed everything that I usually install, UAC, turned down to minimum, AVG Free Antivirus, and the system is TROUBLE FREE, it s been a week now ..... I am going to keep it there for a few weeks there and see if it gets infected or smt...

This once again proves that your data (Projects, etc.) is where the infection lies...I doubt that the OSX partition will be infected nor will the Windows partition will be infected again unless....

1. You transfer that data back over...

Unless you can pinpoint the cause of the infection in your files...this problem is never going to go away

 

[karthurk]

I really hope that you are dead wrong, at the moment, I only copy from my dvd what I need for the current client and so on(his site layout etc, buttons). and when I stumble upon a virus, hopefully I'll know before everything is deleted

 

[Zidane24]

I really hope that you are dead wrong, at the moment, I only copy from my dvd what I need for the current client and so on(his site layout etc, buttons). and when I stumble upon a virus, hopefully I'll know before everything is deleted

I hope I am to but the evidence here is pretty damning as far as your data goes...

 

[gregrocker]

How thoroughly have you scanned the data your retrieved?

I would run Malewarebytes, Avast, Adaware and Spybot over them at a minimum.

Then I would run the same in Safe Mode on my system with data DVD's removed.

Zidane probably knows what combo needs to be run to most assure clean, or not.

I tend to forget Adaware as I dont' use it any longer, but in Europe I helped remove 40,000+ Trojans from laptop using Avast, AVG and Spybot. Adaware found even more the others hadn't.

 

[Tepid]

I would just like to point out my experience with those tools and others....

AVG Free Antivirus = Garbage... I know many people swear up and down one side and the other that it is great,, no,, it's not. I have seen many systems that were inundated with malware/viruses/god knows what else.
I would start AVG scanning and it found nothing.... Scan with an on-line scanner such as ESET and whammo,, AVG pops up "hey, i found a virus", just after Eset caught it and was trying to clean it. So, I'm sorry to say, but after seeing this more than a few times, AVG Free Antivirus (or pay for ware) is garbage.

Adaware - While it may still be good,, it has become bloated. Most of the additional stuff it finds is non-threatening (ie. cookies, garbage files, etc.).

The new Duo in my opinion is Malwarebytes and Spybot. ESET Online scanner (not the installed pay for ware). If the license lapses, it cripples the OS. Big no no in my book.

Microsoft Safety Scanner is pretty good. As are some others.

Just my 2 cents.

For installed AV I recommend Microsoft Security Essentials. It's free and so far has caught some things that could have been bad. Haven't had a problem yet.

Avast - While good, has some niggles I don't like personally. You have to activate it constantly (or it seems anyway). Maybe if you buy it, it's different. But....

KAV - has in the past been a resource HOG.

Norton - Garbage. Resource hog, viruses know how to bypass and disable it.

Mcafee - just plain garbage.

Panda - I don't know that much about.

Avira - while always gets top marks on http://www.av-comparatives.org/ ,, They require (force) you to make a donation to the owners charity. Fine by me, but I won't by the product because of it.

 

[gregrocker]

Agreed, AVG bloated up and never slimmed back to it's old bad self.

Avast took the freebie lead IMO and has stayed there.

Now everyone's talking about MSE. But why move from Avast after nearly 10 flawless years?

I use Malwarebytes and Spybot scanners, for deep scanning and rightclicking files.

But Spybot's teatimer and Internet protection is IMO a goofy mess.

 

[Total]

I have been using Norton for years , and YES the older versions were resource hogs , but the 2010 Norton Anti-virus has a small footprint .. I have cleaned many systems with Mcafee and AVG free version , that were completely infected ..

My 2 cents ..

 

[Tepid]

Well,, after re-visiting AV Comparatives after a long while away from there.. it seems that things have changed, and Yes they hold weight on their findings. They are non-partison and not paid for in the way of buying results. They get paid a fee, but all the software is put through the same tests, They don't score on how much money they are given.

But, Norton was given their best of 2009 award. So, maybe it's worth looking at again.
MSE was given Gold for on-demand proactive malware detection and least false positives. That is nothing to shake a stick at either. They also got a bronze at cleaning malware.

If you go the website and look at the Summary Report 2009 you can see what I am talking about.

Oh yeah,, AVG didn't score jack.

 

[Total]

Well,, after re-visiting AV Comparatives after a long while away from there.. it seems that things have changed, and Yes they hold weight on their findings. They are non-partison and not paid for in the way of buying results. They get paid a fee, but all the software is put through the same tests, They don't score on how much money they are given.

But, Norton was given their best of 2009 award. So, maybe it's worth looking at again.
MSE was given Gold for on-demand proactive malware detection and least false positives. That is nothing to shake a stick at either. They also got a bronze at cleaning malware.

If you go the website and look at the Summary Report 2009 you can see what I am talking about.

Oh yeah,, AVG didn't score jack.

I see that - http://www.av-comparatives.org/images/stories/test/summary/summary2009.pdf

I'm the IT person for a large company ( I'm referred to as cousin IT , by some of the workers , hehehe) and I have not deal with any infections since I have been using norton 2009 and upgraded for free to the 2010 version . I buy 10 pack licenses for 149.99 - you can't get anti-virus protection these days for 15 $ per computer ..

 

[gregrocker]

I buy 10 pack licenses for 149.99 - you can't get anti-virus protection these days for 15 $ per computer ..

Maybe business can't get cheaper, but personal users can.

You'll find many of the experts around here consider the free AV solutions superior in every way.

After doing 100+ installs of Avast free home with no viruses or issues, it is hard to seriously consider a bloaty paid solution which IMO is an infection needing removal, even requiring a special removal tool like malware.