Questions

How to remove a virus that blocks access to files and programs?

Tags:
+
0 Votes
Locked

How to remove a virus that blocks access to files and programs?

RayFoxxe
Ok here's the thing, there's this nasty virus (I suspected it to be a virus since it blocked access to almost every program and feature on the system, even disabling and uninstalling anti-virus and other programs) that blocks everything from being accessed. It blocks even installing programs and uninstalling them. So far it has blocked only files like pictures, Office files, and certain programs and installation. I don't know yet what other things it has blocked, but it hasn't blocked anything critical yet. Can anyone offer any solutions? Hopefully something that doesn't involve reformatting the unit. (The computer runs on Windows XP SP3)
  • +
    0 Votes
    ComputerCookie

    you should be able to turn off system restore, restart in safe mode with networking update your AV and run a scan to remove the virus. If it's a more complex trojans you may need to edit startup using msconfig to remove any trojans and restart the system in safe mode, download Spybot S&D and restart in normal and install downloaded files and run, do not attampt to access the internet intil the trojans are removed.

    if you need more precise instructions post back to this question.

    +
    0 Votes
    OH Smeg

    Pay the creator of this their fee to get access to your Data again.

    This type of program is called Hostageware because it takes your data Hostage and demands payment so you can use it again.

    Now the bad news is even if you pay the money you don't get a clean computer you just get to use your Data till the creator of that application wants more money and the cycle starts all over again.

    Also there is no easy solution here other than Backup all your Data Wipe the HDD and then reload the entire system from scratch after you are certain you have wiped the drive with a Military Spec Wiping Utility to destroy the infection.

    However you can try a Rescue Disc which doesn't involve running your install of Windows it runs off the CD that it comes on and has it's own Scanning/Cleaning Programs. You can read up on Rescue Disc's in this TR Blog

    http://www.techrepublic.com/blog/security/rescue-cds-tips-for-fighting-malware/3803

    Personally I like F Secure and the Avira Rescue Disc but any of the others will do to clean the system.

    Now for the Bad news it is possible depending on the infection that some critical Windows Files will get deleted and you'll need to perform a Repair Install of the OS by following the directions here But first you'll need to understand that you'll need a full version of Windows XP not a Recovery Disc which is a Slipstreamed Image for your Hardware as these mostly do not support the Repair Option.

    http://support.microsoft.com/kb/978788

    With any Windows system it's really much better not to get infected as the only real way to be sure that you have completely cleaned the system is to use something like Boot & Nuke

    http://www.dban.org/

    or Kill Disc

    http://www.killdisk.com/downloadfree.htm

    To write zeros to every sector of the HDD and kill any infection that you have picked up. If you do not do this there is the possibility that the system will be reinfected when you reinstall all f the software.

    Col

  • +
    0 Votes
    ComputerCookie

    you should be able to turn off system restore, restart in safe mode with networking update your AV and run a scan to remove the virus. If it's a more complex trojans you may need to edit startup using msconfig to remove any trojans and restart the system in safe mode, download Spybot S&D and restart in normal and install downloaded files and run, do not attampt to access the internet intil the trojans are removed.

    if you need more precise instructions post back to this question.

    +
    0 Votes
    OH Smeg

    Pay the creator of this their fee to get access to your Data again.

    This type of program is called Hostageware because it takes your data Hostage and demands payment so you can use it again.

    Now the bad news is even if you pay the money you don't get a clean computer you just get to use your Data till the creator of that application wants more money and the cycle starts all over again.

    Also there is no easy solution here other than Backup all your Data Wipe the HDD and then reload the entire system from scratch after you are certain you have wiped the drive with a Military Spec Wiping Utility to destroy the infection.

    However you can try a Rescue Disc which doesn't involve running your install of Windows it runs off the CD that it comes on and has it's own Scanning/Cleaning Programs. You can read up on Rescue Disc's in this TR Blog

    http://www.techrepublic.com/blog/security/rescue-cds-tips-for-fighting-malware/3803

    Personally I like F Secure and the Avira Rescue Disc but any of the others will do to clean the system.

    Now for the Bad news it is possible depending on the infection that some critical Windows Files will get deleted and you'll need to perform a Repair Install of the OS by following the directions here But first you'll need to understand that you'll need a full version of Windows XP not a Recovery Disc which is a Slipstreamed Image for your Hardware as these mostly do not support the Repair Option.

    http://support.microsoft.com/kb/978788

    With any Windows system it's really much better not to get infected as the only real way to be sure that you have completely cleaned the system is to use something like Boot & Nuke

    http://www.dban.org/

    or Kill Disc

    http://www.killdisk.com/downloadfree.htm

    To write zeros to every sector of the HDD and kill any infection that you have picked up. If you do not do this there is the possibility that the system will be reinfected when you reinstall all f the software.

    Col