A Nasty Little Virus


G1G4
12-17-2008, 02:08 PM
I'm not sure how, but yesterday I got a virus. It would give me repeated BSODs on normal boot attempts. The only way I could access anything is to boot into Safe Mode with Networking. Anyway, after about 9 hours, I came to the conclusion that it's embedded itself into Winlogon. Even in safe mode, explorer would repeatedly crash, so that left me leaving explorer alone when the message came up, and surfing through notepad to delete files that I needed.
It locked the registry, turned off system restore, and hijacked my DNS to the point that I couldn't go to any antivirus sites or the Windows/Microsoft website. I finally gave up and replaced my hard drive with an old HD I had lying around. Anybody else had any experience with a virus like this? It's almost like Virtumondo, but worse.
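
The post describes the infection hijacking name resolution so that antivirus and Microsoft sites became unreachable. One of the cheapest places that is done on Windows is the hosts file, and it can be inspected offline from a clean machine. The following is an added example, not code from the thread or from any of the tools mentioned in it: it parses hosts-file text, flags well-known vendor update hostnames that have been mapped to loopback (blocked) or to a remote address (redirected), and flags any single remote address that many hostnames are funneled to. The hosts-file contents and the vendor suffix list are constructed for the example; the configured resolver (the NameServer registry values on the interface) is the other place a practitioner would check, which this code does not cover.

```python
"""Offline check of a Windows hosts file for the kind of DNS hijacking
described in the thread: vendor update hosts redirected so signatures
cannot be fetched.

Added example, not code from the thread. The hosts text below is
constructed; WATCHED_SUFFIXES is an illustrative list, not authoritative."""
import ipaddress
from collections import defaultdict

# Hostnames that update-blocking malware commonly targets. Assumption:
# a practitioner extends this with the vendors actually in use.
WATCHED_SUFFIXES = (
    "microsoft.com", "windowsupdate.com", "symantec.com", "mcafee.com",
    "avg.com", "trendmicro.com", "kaspersky.com", "sophos.com",
)

LOCAL_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "::1/128", "0.0.0.0/32")]

def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, ignoring comments
    and lines whose first token is not an IP address."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # malformed line, skip it rather than guess
        for name in parts[1:]:
            yield ip, name.lower()

def is_local(ip):
    return any(ip in net for net in LOCAL_NETS)

def is_watched(name):
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)

def find_hijacks(text, min_cluster=5):
    """Return a list of (kind, hostname(s), ip) findings.

    kind is 'blocked' (watched host -> loopback), 'redirected' (watched
    host -> remote address) or 'sinkhole' (>= min_cluster hostnames of any
    kind funneled to one remote address)."""
    findings = []
    by_ip = defaultdict(list)
    for ip, name in parse_hosts(text):
        by_ip[ip].append(name)
        if is_watched(name):
            kind = "blocked" if is_local(ip) else "redirected"
            findings.append((kind, name, str(ip)))
    for ip, names in by_ip.items():
        if not is_local(ip) and len(names) >= min_cluster:
            findings.append(("sinkhole", ",".join(sorted(names)), str(ip)))
    return findings

# Constructed sample: a stock hosts file with lines appended by an infection.
SAMPLE_HOSTS = """# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
# lines below are constructed for this example
127.0.0.1       www.symantec.com
127.0.0.1       update.microsoft.com
203.0.113.7     www.mcafee.com
203.0.113.7     free.avg.com
203.0.113.7     www.trendmicro.com
203.0.113.7     www.google.com
203.0.113.7     www.bing.com
"""

if __name__ == "__main__":
    for finding in find_hijacks(SAMPLE_HOSTS):
        print(finding)
```

Run it against the hosts file copied off the suspect drive (for example `%SystemRoot%\System32\drivers\etc\hosts` on a volume mounted from a clean host); a stock file produces no findings.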

GWguy
12-17-2008, 02:30 PM
I'm not sure how, but yesterday I got a virus. It would give me repeated BSODs on normal boot attempts. The only way I could access anything is to boot into Safe Mode with Networking. Anyway, after about 9 hours, I came to the conclusion that it's embedded itself into Winlogon. Even in safe mode, explorer would repeatedly crash, so that left me leaving explorer alone when the message came up, and surfing through notepad to delete files that I needed.
It locked the registry, turned off system restore, and hijacked my DNS to the point that I couldn't go to any antivirus sites or the Windows/Microsoft website. I finally gave up and replaced my hard drive with an old HD I had lying around. Anybody else had any experience with a virus like this? It's almost like Virtumondo, but worse.

There are a few that have those symptoms. Once you get them, it's just easier to wipe and reinstall.

Just goes to show, even us techies get bit once in a while, no matter how good your defenses are.

Geek
12-17-2008, 02:34 PM
I heard not to open anything named "postcard" :shrug:

GWguy
12-17-2008, 02:46 PM
I heard not to open anything named "postcard" :shrug:

Half true. That's been floating around for a few years. Look it up on snopes for the details. I'd post it, but don't have access to snopes from here.

G1G4
12-17-2008, 03:34 PM
Yep, completely unaware how I got it. I was going to try a system recovery, but it wouldn't even let me boot from a CD lol. I was on the verge of deleting everything and just starting over, until I remembered I had that old computer lying around. I put that in and the damn thing didn't want to recognize the mouse and keyboard. :smack:

bobbyb
12-17-2008, 05:45 PM
Did you run Stinger.exe????

PsyOps
12-17-2008, 06:02 PM
Yep, completely unaware how I got it. I was going to try a system recovery, but it wouldn't even let me boot from a CD lol. I was on the verge of deleting everything and just starting over, until I remembered I had that old computer lying around. I put that in and the damn thing didn't want to recognize the mouse and keyboard. :smack:

I just spent this past Saturday working on my dad's PC that sounds like the same thing. He is doing genealogy research on our family, and we have some relatives in the Ukraine and Russia. Well, he went to (what appeared to be) a Russian website, then all h3ll broke loose. I tried Symantec, AVG, Vipre, and PC-cillin to try to clean it up and all of them seemed to be blocked from gathering definition updates. When I ran IE the PC would lock up.

All the symptoms you described were the same except we were able to boot from CD and reload Windows, which solved the problem. He lost a lot of photos and other files, so now I've bought him an external HD for Christmas for his file storage. What a mess. I have a fingernail extraction tool that is ready when they catch these creeps that create these viruses.

G1G4
12-17-2008, 06:43 PM
Did you run Stinger.exe????

Negative.

I just spent this past Saturday working on my dad's PC that sounds like the same thing. He is doing genealogy research on our family, and we have some relatives in the Ukraine and Russia. Well, he went to (what appeared to be) a Russian website, then all h3ll broke loose. I tried Symantec, AVG, Vipre, and PC-cillin to try to clean it up and all of them seemed to be blocked from gathering definition updates. When I ran IE the PC would lock up.

All the symptoms you described were the same except we were able to boot from CD and reload Windows, which solved the problem. He lost a lot of photos and other files, so now I've bought him an external HD for Christmas for his file storage. What a mess. I have a fingernail extraction tool that is ready when they catch these creeps that create these viruses.

It probably was. Sad thing is, I don't think it's a new virus. I think it's an old virus/trojan that has taken a new variation. It was NASTY.

GWguy
12-17-2008, 06:56 PM
He lost a lot of photos and other files, so now I've bought him an external HD for Christmas for his file storage.

That didn't have to be the case. The drive could have been accessed without going through the corrupted operating system, and everything could have been saved, scanned for viruses and restored.

I take the drive out, connect it to a USB adapter and hook it to a computer that I don't care about.
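
The procedure above (pull the drive, attach it to a sacrificial clean machine, copy the data off, scan it, restore it) works because nothing on the suspect volume gets executed: the clean host only reads files. The following is an added example, not code from the thread: it walks a volume mounted read-only, copies user data into a quarantine directory while refusing anything the host could run (executables, scripts, shortcuts, `autorun.inf`) and pruning the OS directories, and writes a SHA-256 manifest so the copied set can be scanned and later verified. The suffix and directory lists are assumptions to be extended, and `demo()` builds a constructed sample volume so the script runs offline.

```python
"""Recover user data from a suspect drive mounted on a clean host, without
booting the infected OS.

Added example, not code from the thread. Mount the volume read-only
(write blocker or read-only mount) before running; the selection rules
below are assumptions, and the sample tree in demo() is constructed."""
import hashlib
import os
import shutil
from pathlib import Path

# Never carry anything across that the clean host could execute.
# Assumption: a starting list, not an exhaustive one.
EXEC_SUFFIXES = {".exe", ".dll", ".scr", ".com", ".bat", ".cmd", ".pif",
                 ".vbs", ".js", ".lnk", ".sys", ".msi", ".hta"}
SKIP_NAMES = {"autorun.inf", "desktop.ini", "thumbs.db"}
SKIP_DIRS = {"windows", "program files", "system volume information",
             "$recycle.bin", "recycler"}

def sha256_of(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def wanted(path):
    """True if the file is user data worth recovering, False if it is
    an infection dropping or something executable."""
    if path.name.lower() in SKIP_NAMES:
        return False
    if path.suffix.lower() in EXEC_SUFFIXES:
        return False
    return True

def recover(src_root, dst_root):
    """Copy eligible files from src_root (the mounted suspect volume) into
    dst_root (quarantine on the clean host), preserving relative paths and
    writing MANIFEST.sha256. Returns (copied, skipped, manifest_path)."""
    src_root, dst_root = Path(src_root), Path(dst_root)
    dst_root.mkdir(parents=True, exist_ok=True)
    manifest = dst_root / "MANIFEST.sha256"
    copied = skipped = 0
    with open(manifest, "w") as mf:
        for dirpath, dirnames, filenames in os.walk(src_root):
            # prune OS directories in place so os.walk never descends into them
            dirnames[:] = [d for d in dirnames if d.lower() not in SKIP_DIRS]
            for name in filenames:
                src = Path(dirpath) / name
                if src.is_symlink() or not wanted(src):
                    skipped += 1
                    continue
                rel = src.relative_to(src_root)
                dst = dst_root / rel
                dst.parent.mkdir(parents=True, exist_ok=True)
                shutil.copyfile(src, dst)  # data only: no ACLs, attributes or ADS
                mf.write(f"{sha256_of(dst)}  {rel.as_posix()}\n")
                copied += 1
    return copied, skipped, manifest

def demo():
    """Constructed sample volume: a few documents beside typical infection
    droppings. Returns (recover() result, sorted recovered relative paths)."""
    import tempfile
    root = Path(tempfile.mkdtemp())
    vol, out = root / "suspect_volume", root / "quarantine"
    sample = {  # constructed contents, not real files from the thread
        "Documents and Settings/dad/My Documents/family_tree.ged": b"0 HEAD\n",
        "Documents and Settings/dad/My Pictures/uncle.jpg": b"\xff\xd8\xff\xe0",
        "Documents and Settings/dad/Desktop/photos.lnk": b"L\x00\x00\x00",
        "WINDOWS/system32/winlogon.exe": b"MZ",
        "autorun.inf": b"[autorun]\nopen=setup.exe\n",
        "setup.exe": b"MZ",
    }
    for rel, data in sample.items():
        p = vol / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)
    result = recover(vol, out)
    recovered = sorted(p.relative_to(out).as_posix() for p in out.rglob("*")
                       if p.is_file() and p.name != "MANIFEST.sha256")
    return result, recovered

if __name__ == "__main__":
    (copied, skipped, manifest), recovered = demo()
    print(f"copied={copied} skipped={skipped} manifest={manifest}")
    for rel in recovered:
        print("  ", rel)
```

Point `recover()` at the mount point of the suspect drive and an empty directory on the clean host, then run the host's scanner over the quarantine directory before anything is copied back; the manifest lets you confirm after restore that the files are the ones that were scanned.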

G1G4
12-17-2008, 07:59 PM
That didn't have to be the case. The drive could have been accessed without going through the corrupted operating system, and everything could have been saved, scanned for viruses and restored.

I take the drive out, connect it to a USB adapter and hook it to a computer that I don't care about.

That's part of the reason why I didn't format. I can still access and move everything to my slave drive, THEN put it back onto my main drive. Thank god for know-how and technology. :dye:

PsyOps
12-17-2008, 09:22 PM
That didn't have to be the case. The drive could have been accessed without going through the corrupted operating system, and everything could have been saved, scanned for viruses and restored.

I take the drive out, connect it to a USB adapter and hook it to a computer that I don't care about.

Every time I tried to access anything on the HD the PC would lock up. It was like there was a timer on it after rebooting that the virus (or whatever it was) would seize control and lock me out. So removing the HD and connecting it to another machine wouldn't have mattered.

But my dad wasn't all that upset. He did have too much on there that he was worried about.

bobbyb
12-17-2008, 10:43 PM
Negative.

How can I send you the file??

G1G4
12-17-2008, 11:07 PM
Upload it some place, and then send me the link.

bobbyb
12-17-2008, 11:17 PM
Try this
McAfee Threat Center (http://vil.nai.com/vil/stinger/)

G1G4
12-17-2008, 11:20 PM
If I get time, I'll try it. I'm not sweating it too much. Thanks. :buddies:

bobbyb
12-17-2008, 11:26 PM
If I get time, I'll try it. I'm not sweating it too much. Thanks. :buddies:

Let us know how it works out...

G1G4
12-20-2008, 03:05 PM
I downloaded the stinger.exe, however, the drive won't even boot up now. :lmao:
