Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SMART virus infected me quickly and now hard drive cant be found


  • Please log in to reply
5 replies to this topic

#1 drigney

drigney

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 09 June 2012 - 01:56 PM

Hello I used google to search for this virus and found multiple ways of deleting it. All the original posts state the same thing happening to them. After the infection started I quickly moved to my browser window and google searched a removal guide and the first page that popped up stated I first needed to re-boot in safe mode with networking.

Easy enough, few second later I was rebooting and got a dreaded blue screen of death (before the OS got to boot) that quickly restarted my computer again asking me how i would like to boot. I started to go through every boot method until it started giving me only 2 options (start normally and a system restore one). I clicked on the system restore and upon loading the screen freezes ( I left it there for over 2 hours ).

Even though I am using Windows 7 I have an old Windows XP disc and was willing to temporarily downgrade to fix the problem and erase my entire hard drive. I inserted the disc and booted from the CD and upon loading it gave me another blue screen!

During and in between all my attempts to fix this I have been on google and bleepingcomputer reading endless amounts of cases and not once have I found one where they could not boot up from any mode.


*If needed I can post the blue screen error messages, just ask if you want me to.*

*The farthest I can boot to is the windows loading screen, after that the computer automatically restarts itself*

*Never had any viruses prior(on this computer anyways), nor any warning signs (but I am POORLY protected)*

*I can get a CD-RW if its needed, I am currently on a 10 year old computer just have to share the monitor*

*I am on a DELL Inspiron 560 and using Windows 7*

*I already check the connections on the drive and it was okay*



Okay I will post exactly what this virus did to me:
I was browsing google images to get a template image to use for a website, all the sudden my windows navigation bars changed shape. They became much bigger and seconds later I got about 20 error messages saying my computer was infected. I started closing these windows and the actual "VIRUS REMOVAL" popped up. It was titled S.M.A.R.T and started scanning my computer. I tried closing it and as far as i remember it didnt stop it and I even tried closing out of everything I had opened except my browser. My desktop then turned black and everything was removed from my desktop. I clicked the start button and everything was removed from there too. Thats when I google searched the only thing I remembered vividly "SMART" and added virus to it. I got multiple pages giving instructions on how to fix it so the first step was to reboot but that ended up in catastrophe. What im getting from the other articles on this virus is it hides files (but does not delete them) from you.


Now I wish i didn't panic and hit system restore before rebooting, can't help to feel like it would of had a completely different outcome! :(

I highly appreciate everyones help in advance and not only in this thread but in all the others, I have read multiple things in this forum in just the few hours I absorbed a great amount of knowledge about what I am dealing with!


If im missing something that is needed and is highly important feel free to ask!

Edited by drigney, 09 June 2012 - 01:56 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:32 AM

Posted 09 June 2012 - 02:01 PM

Important:Do not turn off System restore until we finish our cleaning process

Boot into safemode with networking

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here


Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

Download

UNHIDE

Run the tool as administrator,it should unhide your files

Edited by narenxp, 09 June 2012 - 02:04 PM.


#3 drigney

drigney
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 10 June 2012 - 06:21 AM

Thank you for your quick reply. I tried downloading and running those programs on the infected computer using a disc and none have booted before windows starts up. I can barely make it to the windows loading screen before my computer restarts itself. However, since I'm not able to start the computer in any mode I cannot run any of these programs to scan.

Since my last post I have done quite a few things to try and get on the infected computer

1. burn the scanners above and try to deploy them before windows (failed)

2. burn a "System Repair Disc" from another Windows 7 OS and deploy it on my computer. This resulted in the repair tool launching.

**I was able to browse files and see that my "C:/" drive is now in a "D:/" folder and all my files are present(for the most part).**

**I was also able to open a Command Prompt from this recovery tool. It was in the System32 directory and the main rooy was "X:/" which was very strange to me.**

Every time I ran the system recovery it gave me an error after about a minute and at the top it was almost like it couldnt find an operating system at all.



If anyone can help me on this I'm completely puzzled. I've been stuck on this for almost 2 days and still haven't found a situation like it and been searching constantly!

Thanks

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:32 AM

Posted 10 June 2012 - 06:39 AM

oops,i thought atleast you were able to boot into safemode

Let me ask a malware response team member to help you

good luck

#5 drigney

drigney
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 10 June 2012 - 09:55 AM

Thank you!

I found a program "AVG Rescue CD" which is booted from cd and I got it up and running and did a 3 hour scan and it found about 6 infected files spread across my system. I deleted them all and restarted my computer to find the same results.

So no fix yet but I will try and find other solutions to fix my problem.

Edited by drigney, 10 June 2012 - 09:55 AM.


#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,411 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:32 AM

Posted 20 June 2012 - 02:09 AM

Hello, if you still need help can you tell me what the AVG rescue CD found/deleted. Also, please be cautious when using this kind of disk, as also explained here.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users