-= Gametoast.com =-

a few days ago, my computer caught the "Anti Virus System Pro" virus. My dad and I tried to manualy delete the files, since McAfee doesn't detect it, but since the virus comes in various forms and changes the names of its files, we couldn't find all of it's files, and it just recreated all of the files later. Online instructions for deleting it didn't help, but somebody said he had done a system restore and that helped. So we tried doing a system restore to last week. However, now whenever I boot up the computer, it goes to a screen that says that "windows did not shut down properly, would you like to run in safe mode?" However, whether you run in safe mode or not, when it starts booting up, it has the windows XP load screen, then it goes to the blue screen of death, then cycles back to the begining. Is there anything I can do about this/ recover my data?

oh boy. If you want to get all the data off, have..
A) $100+
B) know a good computer store
C) money

You can't access the infected system at all? If not, then I would not be too optimistic about the survival of your data...

If you can, follow these instructions and/or post on this site's forums. They are very good at what they do.

http://www.bleepingcomputer.com/virus-r ... system-pro

http://www.bleepingcomputer.com/forums/forum103.html

those instructions seem very helpful, I wish I had found them before... But since I can't boot up the comp regularly, is there no way to get bsck my data? The last time I did a backup was about 4 months ago...

mount the virus hardrive on a system that works and make it an unused drive letter like G :or H: instead of using it to boot up , just grab the data you really need, a virus will not overwrite your personal files like an image or movie or email files, 99% of the time they ruin system files and the registry. Either way its very recoverable if you have the time and another pc to look up online solutions or my suggestion above, dont use it to boot up anymore , just go into the drive and grab everything and reformat the drive for later use.

If its the "Windows Antivirus 2009" or whatever you may be confronted with the possibility of total data loss or partial data loss...

I know there is a way to do it, but only few of us can do so, and it requires direct connection to the Computer... Even the "professionals" cant fix this over the internet.

If it is any other virus, Im sure google on another friends computer will work.

How would I go about hooking up the hardrvie to my mom's laptop? I know how to remove it, I think, but does it have a usb or what? Also, is there a chance the virus could spread that way?

Commander_Fett wrote:1. How would I go about hooking up the hardrvie to my mom's laptop?2. I know how to remove it, I think, but does it have a usb or what? 3.Also, is there a chance the virus could spread that way?

1. internal hard drives need a converter to hook up externally.
2. internal? no. most have a SATA connection, but thats it.
3. If the drive get power, it may spread.

I don't think the virus would spread from drive to drive, unless it was programmed that way - which it could be, I suppose.
But at least if it did spread, you could take extra precautions to stop it before it went anywhere.

[EDIT]
I was also thinking; I suppose you could possibly install an Ubuntu or Linux partition on your computer (or maybe even just run a Live CD) and retrieve your data through there.

If you have a Windows install CD, boot with it in the drive, then use the on-disc tools to restore your computer to before it was infected. 99.999% of the time you can solve the problem, then McAfee and SpyBot: Search and Destroy can clean up the rest. Word of warning, do NOT under any circumstances. use ThreatFire, as their recent versions have major bugs that eat up system memory and resources (its not a virus, just a bug in their system). Alternatively, get HijackThis!, which will give a very detailed description of the virus, then go to one of the many HijackThis! forums to get detailed instructions on how to remove the virus.

If I select the new installation option, will it erase my hardrive? I ask because I tried the repair installation but I don't really know what to do... you have to type in commands and I have no idea which ones I need to do. there is an option to format the hard drive, but I'd prefer to keep my data, if possible.

custom or clean will reformat your harddrive. New install may, im not sure.

From my experiences, new will simply overwrite the WINDOWS folder.

If you want to play it completely safe, try burning a Ubuntu install disk and use that to access your stuff and get it off.

We got my modtools, my documents, and my steam folder off my hard drive, and hopefully I'll have it up and running again by tommorow or Friday