PC completely screwed

Ok my PC is completely screwed beyond repair, i did the very dumb act of installing some a certain program there with all my defenses deactivated.


But that's not what i want to ask you about. I already turned the PC off and am about to buy an external HD to save my very precious 220GB worth of files.

I want to know if my files are still safe (i could still open them normally even after PC got completely infected with all the ads and errors and stuff). If i transfer them to the external HD, will they carry the virus(es)?

What do i do in this situation? I don't even want to turn the PC on because i'm afraid that even more sh*t will happen, now that it is probably completely in control of the crackers.


Just some info that might be relevant, i got Windows XP Pro. Any more info that you need, i'm here to answer.


Thanks in advance.

 

Just to make it clear, i just want to save the files, then i can reformat the PC. I want to know the best and safest strategy to save my files now; is it by taking the HD off the tower and putting it on another PC, or by plugging an externa HD and transferring the files, etc?


I don't care about how long it takes, or how much it costs, these files are VERY important to me, it is part of several years of my life. Should've been more careful... but i already spanked myself so don't bother to do it yourself, the sh*t is done already.

 

Thanks for the answers. I'm a relatively experienced PC and internet user (8+ years), and i've never seen a PC so taken over.

It's probably not just one malware, but a legion of them. As soon as i installed that program, the pc started getting crazy, a DOS cmd window opened and some commands were written, then it closed, the wallpaper dissapeared and instead some images with links appeared, then some more stuff happened and the PC auto restarted itself.

When it booted again it was even worse, the icon area had those "your pc is infected" icons, which were viruses of course, i tried to "cut and pasted" a few files but i couldn't do it, and i tried to activate the antivirus and i couldn't do it either. It's a mess.




My biggest fear is that my files can get deleted somehow in the proccess of fighting all the malwares. Don't you think that it's safer to just get the files out of that mess and then reformat it?

 

Now why the F*** did i allow myself to get convinced by you :cry

Situation is far worse now (i'm not on the infected PC now of course, i try to let it off as much as possible so situation doesn't get worse).


As i said early, this is no ordinary infection. Some facts:

- I can't access: the control panel, the start - explore panel, the "execute" function.

- And now after trying to run those programs in the tutorial you gave me (and then i had to connect the PC to the internet which i wasn't doing), the malwares inside the PC kept downloading more malwares, and more and more images with links appear on the workspace.

- Now the WORST part: when i open the "my computer", the C drive, which is where everything is, has DISAPPEARED (along with the D drive which is the CD's drive with the anti malware programs i was told to use in the tutorial).



I'm definitely abandoning that sinking ship, if i turn the internet on on that mess, it downloads more and more malwares; i have fought several infections and viruses before but i've never seen anything like this.

I just hope that all the data in my hard drive isn't gone, although i can't find the C drive anywhere. Do you think that it all got deleted? (unlikely since it only a few minutes passed before i turned the PC off before it exploded on me or something).

 

I appreciate the help TimW. I did run all the scans ofthe malware removal guide in safe mode (in normal mode it's impossible), and they did spot and eliminate malwares. But then i started the PC in normal mode and apparently the malwares were there still. Nothing much changed.


My external HD just arrived, do you know how do i "clean" my files so that i can transport them to the external HD? My personal files are all in one major folder, so cleaning them should be a bit easier. Should i run an antivirus on the folder or what? I did already do this on the whole PC with the programs mentioned in the malware removal guide but apparently they weren't effective.

 

Unfortunately i couldn't get SAS' log, hope it's not a problem. The logs are in portuguese, hope it's not a problem either.

 

Ok, here it is. Had to run it again now because i didn't find the previous one, so this is the newest diagnosis of my PC.

 

The files are attached.

By the way, The /C now can be accessed in normal mode, but i still can't access the "All Programs" function in the Start menu, neither the "search" or "run" or any other start menu function. They've all gone missing.

Also, i don't know if you overlooked it or not, but the Rapid Antivirus in my PC is a malware or was downloaded by the malware since i didn't have it before my PC got infected.

My Avira Antivir i installed in safe mode after my PC got infected but i couldn't update it for the reasons already mentioned in the topic. I uninstalled Online Armor now (i didn't know it was running, since by then i thought it hadn't installed properly in safe mode).

 

Ok here they are.

 

2 problems only that i can currently identify. By the way, thanks A LOT for what you've helped me with so far. I really appreciate it.


Now to the 2 problems left. The first is that i get a "VIRUS ALERT!" message beside my clock in the low right corner of the screen. I don't even know what will happen if i double click there and i don't wanna find out.

The second problem is that i still can't see most of the functions on the Start Menu. I can't access the Control Panel, the Search function, the Run funciont, the All Programs function, etc.



Ah there's another thing. I haven't accessed the internet on my PC for days, i've been posting here from another PC in the house. I've been using a pendrive to transfer to my infected PC the programs and notepad instructions i've been told to get. I cut off the infected PC from the house network, afraid that it would infect the other PCs. So i won't really know if my PC is ok until i access the internet... and i'm afraid to do so (what if some remaining malware starts downloading malwares again), now that it looks so clean.

 

One more thing that is related to what i said in my previous post.


If i right click in my (work space? don't know the word in english.. it's where the wallpaper stays), and click on Properties, then a message appears saying, in English, something like "The System Administrator has disabled ...(such and such)...".


Apparently i'm not the system Adm anymore? I can only access all functions and be the Administrator when i boot in safe mode.

 

Yep, that was it. I only ran MWB and it worked like a charm. Everything is back to normal, or so it seems.

The log comes attached.


I'm still afraid of connecting the PC to the internet, though.. do you think i'm safe to go now?