Summary: A virus attacks the software installed on your machine. Fixing it may take work, but hardware should not need to be replaced due to malware.
My wife opened a file that appeared to come from UPS and that was the end of my computer. It tried to install files called Antivirus XP, then it tried to install an XP Security Center and wanted me to register to rid my computer of the virus and give them my credit card#. My McAfee is disabled on every boot and Spybot won't run. It also wants to change a registry value and run buritos.exe. It has also changed my wallpaper with "Warning!" message that can not be changed. A diagnostic through one of the geek services says my hard drive is damaged. Is there any way to get rid of this virus without having to pay a fortune in a new hard drive plus all the other geek service charges? Or should I just get a new computer?
•
Your hard disk is not physically damaged. I'm hoping that the technical service company didn't really mean that. (If they did ... well, I'd use a different service next time.)
But you do have some work ahead of you nonetheless.
•
Bottom line: a virus is not going to physically harm your hard disk in such a way that you would need to replace it. And certainly nothing that would require a entirely new computer.
Viruses impact only the software installed on your machine and software can be fixed.
It just might be a painful fix.
It sounds like you got a double-shot of virus activity. The UPS (and Fedex, and USPS and other) phishing attempts showed up a few months ago, and I have to say that as a business owner who also ships UPS, they almost got me too. As usual, there were many signs that the email was a phishing attempt, but I had to look closely to make sure I wasn't about to delete an important issue relating to an actual customer shipment.
In addition, AntiVirus XP is another particularly nasty virus making the rounds right now. The major anti-virus programs are only just now catching up and detecting and removing it.
The real question boils down to this: if your machine is heavily infected by malware, what can you do to clean it up?
As I've mentioned before, there are two schools of thought:
-
try to clean it up
-
reinstall everything from scratch
The common attempts to clean it up boil down to running anti-malware software, possibly several different packages, repeatedly until the system comes up "clean". You might have to reboot into safe mode in order to do so.
And, because the alternative is so conceptually costly, "try to clean it up" is the option that most people attempt.
Sometimes it works. We think.
As I've also said before, though, once your computer has been infected by anything, it's not your computer any more. There's no guarantee that any amount of clean up will actually eradicate whatever was placed on your machine.
The only alternative is to start over.
And sometimes your machine is in such a bad state that you can't run any anti-malware programs.
The only alternative is to start over.
And starting over is simply this:
-
Back up
-
Reformat your hard disk, erasing everything on it (typically as part of the next step)
-
Reinstall Windows from scratch using your Windows installation CD or DVD
-
Reinstall all your applications from scratch.
-
Restore data (only) from your backup.
It's a huge pain.
But you know what? It's often less pain than all the failed cleanup attempts. And you know what you'll end up with when you're done.
But replacing hardware, be it a hard disk or an entire computer, is not part of the solution.
If you choose to replace something at this time, it's only because this is a convenient time to do so. If you're reinstalling everything, it's a fine time to upgrade your hard disk - or even your computer - for example.
But it's not required.
Article C3553 - November 2, 2008
"ATTENTION" "EARTHLINGS" "NEVER,NEVER,NEVER USE RESTORE ON YOUR COMPUTER,TURN IT OFF"If your computer gets even a smell of a virus it is saved on this section of drive and when you restore you also restore virus or malware!
Posted by: bill at May 14, 2009 11:40 AMi scanned my computer and it says its infected but it can't get rid of it what do i do? it says its in archives
Posted by: stephanie lovell at September 5, 2009 12:53 PMHi, DEALING WITH INFECTIONS PART ONE
Posted by: Alex Young at October 9, 2009 1:06 AMI think I have come up with a reasonable strategy for dealing with PC infections. In my opinion it is not worth the trouble of trying to clean them off both time wise and also you can never be completely sure that they have been totally eradicated.
So instead invest in an external hard drive, they are really affordable now and can serve more than one purpose [storing films or a music library for instance]
Next download a Disk Imaging programme.There are great free ones available. I use Macrium Reflect Free version which is very easy to use and reliable.
Make a disk image on to the external as a fall back. This will include everything on your PC.
Then make a backup on your documents and music etcetera although you have already got this in your full disk image.This documents back up is done by copying to your external and not via the Disk Image programme.
Now you have the fall back use your rescue CD or Windows disk to reinstall your system to when you bought it. Depending on your disk you may have to reinstall drivers as well so make sure you have that sorted.
Now comes the painful bit.You will need to reinstall all your programmes from the web or any disks you may have. You will also need to visit the Microsoft Updates site to bring all software up to date. This can entail several visits and a lot of time depending how old your PC is.
Next replace your documents from the external to your PC.
At this stage I usually run CCleaner to get rid of rubbish but that is just my preferance.
DEALING WITH INFECTIONS PART TWO
Posted by: Alex Young at October 9, 2009 1:33 AMNow we have a clean up to date system so before you do anything else,ie before you visit the web,make a Disk image using your chosen programme. We can date this and it is your day one image. It is better than your manufacturers CD because it is up to date and contains your present programmes. You can delete the initial Disk image if you wish as that is of your old system.
Now you can use your PC and if you get an infection just restore from your external.
In order to keep up to date I make a note of any changes I make to my system and a keep this on a notepad document in My Documents.After say a month I will put the previous Disk Image on after moving that note pad document to the external along with any other updated files. When the month old disk image is in place I will apply all the changes I made in that month[with the help of the word pad ] update my security products and then take another disk image for use a month down the line. This way I believe I minimise software rot and I always have a recent clean disk image to fall back on.
Yes, it does entail some work but it gives great peace of mind. Never again will you be left with vital System 32 files in quarantine and wondering what to do ! Regards Alex {If I can do it anyone can
my laptop was destroyed by virus. the screeen was dead.. teh connector of the screen to the body was a bit damged .. waht was the cause? can i use my lenovo laptop computer now?
29-Nov-2009
Posted by: mc at November 29, 2009 12:11 AM