Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nasty malware deleting most files on hard drive, even after reformatting HD and OS reinstall


  • Please log in to reply
9 replies to this topic

#1 drmavis

drmavis

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 13 May 2009 - 05:46 PM

Hi, I generally consider myself an advanced computer user, but I am completely stumped so wanted to ask the experts for advice. Have any of you heard of such a virus or know of a solution?

My situation is that I have some sort of infection which the first symptom was lagging computer, hourglass, unresponsiveness, and it took a long time to pull up the task manager and I would end tasks for Explorer, etc, and when I finally could interact with the OS again, large amounts of my files were deleted (media files, configuration files, etc - most of the hard drive).

I tried, several times, many different methods to figure out what is going on - boot CD antivirus programs (Avira, Trinity, DrWeb, etc), online scans, etc and found and removed a small number of Trojans (that may have been false positives), then reinstalled the OS, and everything would be fine and I'd be reinstalling software I use (clean versions of freeware/shareware from web sites, things like Winamp, Firefox, Adobe Reader, etc), and the same probably woulud happen again - computer lagging/freezing up, and the majority of the files on my hard drive being deleted.

I tried installing multiple antivirus softwares, firewalls, etc and cannot figure out what is causing this. I ran CHKDSK on all drives to make sure hard drives were OK and they were fine.

I even reformatted my hard drive and completely reinstalled fresh clean licensed Vista and the same problem happened again - how is this possible? Has anyone heard of malware like this? Know of any solutions? I'm at my wits end and have spent the majority of the last 5 days trying to fix this with no success.

Mike

BC AdBot (Login to Remove)

 


#2 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:13 PM

Posted 13 May 2009 - 06:35 PM

Is it possible that you backed up files, and once you transferred them over the infection returned?

#3 rcmck

rcmck

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Location:everywhere
  • Local time:10:13 PM

Posted 13 May 2009 - 06:50 PM

Did you use the format utility in the windows install? I'm pretty sure all that does is erase the MFT and check for bad sectors. You should use something like DBAN to wipe the drive for sure, then go through the install process. http://www.dban.org/

Edited by rcmck, 13 May 2009 - 06:51 PM.


#4 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:13 PM

Posted 13 May 2009 - 06:58 PM

Also, this may sound strange, but you can get infected through your wireless router if you have one. May be interested in reading this article.

#5 drmavis

drmavis
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 13 May 2009 - 07:08 PM

Hmm I had never heard of the infected router - yes I use a Netgear wireless router but there are several other computers on the network with no problems, and the settings look fine.

I didn't use the higher-end formatting software - I did use the default Windows install one. As for restoring backed up files - I did move over some media files I had backed up (videos, music) but didn't run any of them, and scanned everything with multiple programs on all of my drives so everything detectable is clean.

Have any of you heard of a malware that behaves like mine seems to be? It is ridiculously frustrating, re-installing everything and then having it mostly be deleted at a random time. Is there a chance the agent could be in the BIOS, MFT, boot sector, etc where programs wouldn't detect it?

#6 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:13 PM

Posted 13 May 2009 - 07:13 PM

I honestly don't have an answer for that. I am not really very well educated in computer hardware :D I didn't think it was even possible for the infection to travel anywhere except the hard drive and other storage devices =/

#7 rcmck

rcmck

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Location:everywhere
  • Local time:10:13 PM

Posted 13 May 2009 - 07:43 PM

Have you at any time since this started actually found some form of malware with any of the scans you have done? The reason I ask is that disappearing files and folders is also a symptom of a bad/dying hard drive. Have you checked the S.M.A.R.T. diagnostics with something like hdd health http://www.panterasoft.com/ or other utility?

#8 drmavis

drmavis
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 13 May 2009 - 09:13 PM

I just SMART tested my hard drive and everything was "OK" and overall 98% so unfortunately it's not that (i wish it was because it would be much simpler to deal with)

#9 rcmck

rcmck

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Location:everywhere
  • Local time:10:13 PM

Posted 14 May 2009 - 06:25 AM

What files are disappearing? Are they random or are they ones located in My Documents? Have you run a chkdsk /r yet? Could your profile been corrupted and windows created a new one? Just throwing ideas out there...

#10 drmavis

drmavis
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 14 May 2009 - 09:27 AM

The files disappearing are located throughout the hard drive and seem to be media files (images, MP3's, videos) and configuration files for software. No core operating system files seem to be getting deleted. I have run chkdsk multiple times and there are no errors. I'm completely stumped!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users