Hello all...once again I am plagued with a trojan/virus. It is called 'Windows Restore' and it has almost completely co-opted my system. I have run Super Anti Spyware, PC Doctor, AVG, nothing works. I also get a warning:
"Windows-Delayed Write Filed" that says, "Windows was unable to save all the data for the file \\System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware".
Any button I push on this warning, 'Cancel', 'Try Again', or 'Continue', causes a reboot, after which the Windows Restore runs a diagnostic again. I seem to have lost all of my libraries/documents and a bunch of icons off of my desktop.
I ran 'HiJack This', and have a screen shot of 'Windows Restore', but I cannot seem to attach either file to this post, so any help is appreciated. Thanks in advance.
PS, my O/S is Win 7 Professional.....
New virus?
New virus?
"If it's a mess, we've been there"
If it is a virus, your best bet is to save what you can & reinstall if it it has that much control. However, it sounds much more like you have either a hard drive or drive controller issue. Once again, save what you can onto a different drive/disc ASAP. There's a small chance it could be a cable or memory stick, so it doesn't hurt to wiggle them around to be sure. Once done with that, I suggest running the drive scanning utility from whatever manufacturer's hard disc you have.
-
FlyingPenguin
- Flightless Bird
- Posts: 33161
- Joined: Wed Nov 22, 2000 11:13 am
- Location: Central Florida
- Contact:
I'm impossible to say what's real actually an error and what's fake. The delayed write SOUNDS like a serious hard drive issue, and the crash and reboot seems to confirm that, but since the system is compromised who knows?
I would definitely backup your data while you can. Then run Spinrite level 2 or scandisk FROM OUTSIDE OF WINDOWS (from a BartPE CD for instance) just to check the drive integrity.
Then to try to remove the virus, boot into "Safe Mode with Networking" and run RKill (you might need to download this on another PC): http://www.bleepingcomputer.com/downloa ... irus/rkill
I would use the one named IEXPLORE.EXE as it has the best chance of being allowed to run by the virus.
Then run in this order:
Kaspersky TDSSKiller
http://support.kaspersky.com/faq/?qid=208283363
Trojan Remover
http://www.simplysup.com/
Hitman Pro
http://www.surfright.nl/en
Malwarebytes AntiMalware
http://www.malwarebytes.org/
However I would be prepared for a clean install AND possibly a new hard drive.
I would definitely backup your data while you can. Then run Spinrite level 2 or scandisk FROM OUTSIDE OF WINDOWS (from a BartPE CD for instance) just to check the drive integrity.
Then to try to remove the virus, boot into "Safe Mode with Networking" and run RKill (you might need to download this on another PC): http://www.bleepingcomputer.com/downloa ... irus/rkill
I would use the one named IEXPLORE.EXE as it has the best chance of being allowed to run by the virus.
Then run in this order:
Kaspersky TDSSKiller
http://support.kaspersky.com/faq/?qid=208283363
Trojan Remover
http://www.simplysup.com/
Hitman Pro
http://www.surfright.nl/en
Malwarebytes AntiMalware
http://www.malwarebytes.org/
However I would be prepared for a clean install AND possibly a new hard drive.
---
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez