Strange virus, makes it look as if my files were deleted. Possible registry issue?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by pfairclough, May 4, 2011.

  1. pfairclough

    pfairclough Private E-2

    Yesterday I went to watch an episode of Pawn Stars on tvtodays.com and after two pop ups came up on my pc, windows brought 2 viruses to my attention and I clicked resolve issue.

    All of a sudden one of those fake anti-virus programs came up, I don't remember the exact name, but it was something along the lines of Advanced Anti-virus Cleaner. Anyways, it wiped everything out of my computer. I know some of these fake programs will make it impossible to open programs, so usually I'd go to safe mode and open Malwarebytes from there.

    My computer looked empty, no programs on the desktop or start menu or my computer. So I went into safe mode and once again ALL my files were gone except for the fake anti-virus program located on the desktop. So I reset my computer through windows to earlier that morning around 5:00am. Once it finally restarted all my desktop items were back and my windows folders as well as my program files.

    Although my computer looked fine, all my personal files were gone, or at least look like their gone. My documents folders with pictures, documents, music, videos are all gone. I think it's something with my registry.

    I was able to run Malwarebytes and it found 2 viruses which I removed. Still nothing. So I went to update Malwarebytes and at the end of the download it had an error and wouldn't let me, this has never happened before. I went to download the newest Malwarebytes from it's site and when it came time to install it, at the end of the installation it had an error.

    So I've been running my AVG but it's not finding any viruses, just errors in my registry. Is it possible my registry to my documents is bad? I know the files are still "on" my computer because in my torrent program they are still being seeded fine.

    I wanna find out whether malwarebytes got rid of the affected viruses, if it's my registry that needs help, and if I can uncover my files.

    Please any help is most appreciated!!!!
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Re: Strange virus, makes it look as if my files were deleted. Possible registry issue

    Welcome to Major Geeks!

    Please read ALL of this message including the notes before doing anything.

    Pleases follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide


    and attach the requested logs when you finish these instructions.
    • **** If something does not run, write down the info to explain to us later but keep on going. ****
    • Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this other user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
    4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds