bump for later reading and such.
put in an operating system disk and boot from it
go to recovery console
run fix mbr in recovery console
then reboot and use the unhackme program in safe mode and then in regular mode.
run a deep scan.
If that is the case then all you have to do is restore from that image you took of your C:\drive last week and stored on external storage.
Didn't make one? Then reinstall the OS after formatting the drive. Then restore your sensitive data...from the backup you made last week on external storage...back in place and start the process of configuring Winders.
Didn't backup the sensitive data? Hmmm....got nuthin' except start from scratch.
We just had the Smart HDD virus hit our computer. We aren’t much use with diy fixes so brought it to the local folks here to fix. We had MacAfee anti-whatever running, but got it anyhow.
The next-day fix cost about $150 plus another $50 or so for the software they recommended. MacAfee fortunately protected our computer enough so we didn’t lose any files.
Very distressing.
Did you confirm a virus/malware? S.M.A.R.T. monitoring is a legit function built in to newer hard drives to warn of impending failure.
http://hddlife.com/eng/smart.html
http://en.wikipedia.org/wiki/S.M.A.R.T.
format
I got hit with a couple viruses in the past year on Windows XP that mimicked an “imminent hard drive failure” but it was all fake. The virus bypassed fully updated virus scanners and installed itself just by me going to a web page. It didn’t do any permanent damage, but was somewhat difficult to clean up. The first step I think was to download and run TDSS Killer. I don’t think you need to be in safe mode to do that, but some of these viruses will try to stop you from running that program, so you may need to rename the file. I think the virus may try to stop you from running any .exes, so that might require you to boot into safe mode and/or run the other RKill program to kill running processes. You should pick Windows XP with Networking when booting into Safe Mode. The TDSS Killer very quickly erases “rootkit” viruses which are difficult for normal virus scanners to find.
The virus’s main function was to make Google searches redirect to advertisement sites. Fixing that required me finding the hosts file and deleting the hacked entries. One version of the virus also made all files on the computer “hidden” so that it looked like they had been deleted. I think I had to highlight my entire hard drive and check off not to hide anything. And then I ran the Malwarebytes which I believe deleted some virus files and registry entries. Another thing I might have had to do is clear the whole browser cache and history, because the virus was hiding in some flash files or something like that. I also used a date-sorted search on the PC’s files to find when the virus installed itself and its location on the hard drive. I don’t remember if I needed to do that to track down the files and delete them myself or if the virus scanner was able to do that.