Earlier this week my system was compromised with a virus similar to the Metropolitan police one. At the time I was connected to a German server because I was running a VPN. It was in German but I made out that it was supposedly a company called GEMA demanding 50 euros off me because I'd illegally downloaded music.
I managed to access regedit when I booted in safe mode and then I modified my shell back to explorer.exe then accessed Avast to run a scan before the start up screen on the next boot.
It found some viruses and I deleted them but when I rebooted back in normal mode, it didn't come up with the GEMA screen but explorer crashed when I tried to access my files. I also realised that my hard drive had a lot of free space... The virus must have deleted most of the files from my other user account (The 1st account I made on the system)
I managed to re-install ComboFix and run a scan to see if there was any malware still present and get rid of it. I then rebooted in safe mode and ran sfc scannow via CMD. It said there were corrupt files but it couldn't fix them. It also ran a windows repair when I tried to restart it with no avail.
Upon reboot I found that the problem was still there. The system runs perfectly in safe mode but not in normal mode. As soon as I try to run anything the system freezes due to explorer crashing and it refuses to log off or shutdown (It just stays on the log off screen)
Is there anyway to get my system running normally again? Like a fool I didn't make a system restore point and I don't have the Windows installation disc because I bought the computer (it was an all in one at the time) from a Cash Converters but the screen broke so I moved all the internals, apart from the motherboard, into a new case.
I just want to get my computer running again. I'm a photographer by trade and I need to edit my clients photos. Any help would be greatly appreciated. Maybe a way to get my system files working again without a full restore so I don't lose my programs and files.
Recommended Answers
Jump to PostUse the original installation disc of your operating system and either choose startup-recovery, or system-restore, of if you have a backup, choose that one too. you can always back up your system in safe-mode with networking to another computer or something, and then wipe and load your system agian.
All 3 Replies
Time to switch to Linux...
Use the original installation disc of your operating system and either choose startup-recovery, or system-restore, of if you have a backup, choose that one too. you can always back up your system in safe-mode with networking to another computer or something, and then wipe and load your system agian.
I don't know if you have got the issue resolved yet but boot back into safe mode with networking and run Malwarebytes http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button Do a full scan and if it finds anything remove them. After that run another program,
Spybot Search and Destroy http://spybot-search-and-destroy.findmysoft.com/ run both of those programs and let me know if you find anything else. From what you are telling me it seems to me the virus wasn't completely removed. Also make sure both programs are up to date before you scan your computer.
Best Regards,
Zac
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.