New Virus "0x00000...008e"

Discussion in 'Malware Help (A Specialist Will Reply)' started by SueBird, Oct 25, 2007.

  1. SueBird

    SueBird Private E-2

    Hi there,

    I am a relative novice at computer workings. Two days ago, after going on a website called , my computer started acting strangely. I have Micro Trend PC-cillin software to protect my computer. Yesterday my computer was slow and I had a lot of pop up ads, so I called Geek Squad to help. I was on the phone for 2.5 hours and by the end of the phone call, the Geek Squad Agent feared I had now lost everything on my computer. He told me to take the computer to a Geek Squad location at a Best Buy to have them pull the hard drive and see if anything could be recovered. I currently have the computer in my possession, no work has been done on it since I ended the call with the Geek Squad agent.

    I do not know exactly what the Geek Squad agent did to my computer, but I do know this:
    - he initially thought it was no big deal, but it got worse as time went by
    - many files were removed
    - in the end he told me "Congratulations, this is a brand new virus and your computer is the first we know of as having it in the country"
    - the agent was working remotely in my computer in safe mode
    - the agent had me reboot my computer, then press F8 immediately and that's when a blue screen with white letters popped up, and that's where the virus type "8e" came from
    - the agent said the virus was nasty and was running many programs in the background
    - the agent said the virus was doing something when the computer was restarted, it would get worse at that point
    - the agent was trying to run programs, such as "..config" (things like that) and the computer was not recognizing anything
    - the agent was trying to access my programs, such as "iexpore.exe" and the computer said the files did not exist
    - at one point early on, while searching through some deep files, the agent saw some odd Windows files. He said he did not recognize them and I didn't either. He said they seemed very strange. He did not delete them. He renamed the file by adding a ".bad" to the file name and moved on.
    - in the end, the agent thought I should NOT turn the computer on again and take the computer to someone to remove the hard drive to try to save any possible files.

    I have no clue what to do. I have countless priceless photographs on the computer that I am fearful of losing. I have no backup.

    Thanks to anyone who can help,
    Sue
     
    Last edited by a moderator: Oct 25, 2007
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Sue,
    A few quick questions .....
    Does the computer boot up into Windows?
    Do you have another computer that you can download to and then transfer to this computer?

    I will give you instructions to do (it would be best to keep the infected computer off the internet - unplug the cable) for now.

    Let's start with this:
    1. Download this file - Combofix.exe
    2. Double click combofix.exe & follow the prompts.
    3. When finished, it will produce a log for you. Attach this log to your next reply.

    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Attach that log on your next reply.
     
