Well, I've never had a virus this bad actually cripple my computer. Today, I apparently got a trojan from visiting a website. I knew something was wrong right away because McAfee shut down and then restarted, except that I now know (believe) it was a fake anti virus. It looked exactly like McAfee, and "McAfee" warned me that a program wanted permission right aroud the time of visiting this site. So, I said block, and "McAfee" prompted saying a restart was needed to get rid of the virus. I've never seen this prompt, and like an idiot, clicked restart. Some other stuff was happening too, like Chkdsk prompts, and a really weird prompt claiming to be, like, Windows Security Essentials. It sort of looked like the Windows Update window for XP, except it was designed differently.
That's pretty much everything that went on, the computer restarted, and now Windows won't boot. No Windows load screen. It also won't boot into Safe Mode. Last Known Good Configuration doesn't work either. Nothing loads at all. I can try to provide more details later, but I can't remember much more than what I already listed.
So, what do I do? I've been downloading various boot cds like UBCD, AVG Rescue CD, Hiren's BootCD, etc. AVG command line found nothing wrong, at least the scan I did. I'm currently running Hiren's BootCD and using SuperAntiSpyware whatever and finding the trojans, but Windows still won't boot at all. I'm trying more things but I need expert help. Please, please help! Thank you in advance.
UPDATE: I don't even know what I'm doing really, but for some reason, I was able to boot my full Windows using Hiren's BootCD's option "Boot from the Hard Drive (XP)." Windows then booted (normally) off my hard drive. So, I was back on my desktop, which is good, except I still can't boot Windows normally (Safe Mode or otherwise) without the assistance of Hiren's BootCD. Also, the trojans still seem to be present, because everything appeared to load properly, except that McAfee still seems suspect. Probably most interesting is that I tried to run regedit to see what the SafeBoot keys looked like (I'm assuming the trojan destroyed them) and what do you know, I got a prompt saying, "The registry editor has been disabled by your administrator." Yeah, that's new, because I never did that, and it worked fine before all this. It also might be worth noting that when I put in my XP disc and tried using the DOS recovery options, it asked for the administrator password. My password to log onto windows doesn't work. So, did the trojan set its own administrator password? It seems to have definitely made some major changes and I'm locked out, like from regedit (that's all I've tried so far). On the XP restore disc, at that password prompt, if I just hit enter, it brings the command line up, "C:/WINDOWS" but then I don't know how to use any of the commands. So, why does it ask for the password if it just let's me onto this command line, or perhaps I'm not really on the command line. Point is I don't know how that disc should really operate because I've never used it. So, with the new info, how should I proceed?
Edited by HEXno, 30 November 2010 - 12:18 PM.