I seem to have a virus...
Posted: 2008-04-22 02:33am
by Lazarus
I just downloaded and ran a .exe file because it seemed to be something I was looking for, it ran, installed, then a command prompt window came up which did nothing. I searched for the file in my downloads folder and ran it, it then said Windows has suffered a critical error and will shut down in one minute, please save your work. I now have no sound, and any sound file I attempt to play will say 'windows media cannot play the file'. Also, system restore seems to be broken; 'The Volume Shadow Copy used by system restore is not working' is the message I get.
Presumably a virus? I'm running Windows Vista and don't have any firewall/antivirus since no one seems to have made one for it yet, or at least they hadn't when I looked a few months ago.
Any ideas?
Posted: 2008-04-22 02:36am
by Masami von Weizegger
What, you couldn't have just stuck Avira AntiVir or something on your computer for free if absolutely nothing else? There's no excuse not to have ANY firewall or antivirus now or a few months ago, dude.
Try running some shit like that and see if it helps may be the first order of business.
Posted: 2008-04-22 02:58am
by Crayz9000
You know, hanging around here of all places, I thought the message was sufficiently clear... Don't run things you don't trust.
Hate to say it, but a lot of viruses tend to screw Windows up to the point that even if you disinfect it you can't guarantee that you got everything, because by that point often a half-dozen other viruses have infected the system. Best bet is to back up your documents, wipe the hard drive and reinstall Windows, install a virus scanner and firewall (I strongly recommend AVG Free Edition as it doesn't get in the way as much as the big-name AV products yet is just as effective, plus it doesn't cost a thing).
After that's installed, scan your backed up docs to make sure nothing's hiding in them and bring them back in.
Posted: 2008-04-22 03:15am
by Lazarus
I'm usually quite careful but we all make mistakes.
I tried Avira AntiVir and it doesn't seem to work properly. It finds a virus, and then can't do anything with it, because whichever action I choose the window just reappears with a bleep from the tower.
Completely wiping it is a last resort because I have a lot of high-storage files (TV series' etc) which would be a pain to copy. I do have a twin striped hard drive however, so might it be possible to deactivate the striping, wipe one, put all my stuff on it, then wipe the other and reinstall windows?
Posted: 2008-04-22 03:26am
by Crayz9000
Twin striped? You mean RAID 0, as in two hard drives with striping to make them look like one?
If that's the case, then no way that'll work.
Anyway, 1) if you can burn a CD, and 2) if your RAID is set up through the BIOS and not through software, here's what I'd recommend: download Trinity Rescue Kit and burn it to CD, then boot from it. Choose the option to update and run a virus scan, which will update the built-in antivirus and scan your hard drive. Since Windows won't be running, the virus can't stop the virus scanner from operating.
Posted: 2008-04-22 05:54am
by Magus
Lazarus wrote:
Completely wiping it is a last resort because I have a lot of high-storage files (TV series' etc) which would be a pain to copy. I do have a twin striped hard drive however, so might it be possible to deactivate the striping, wipe one, put all my stuff on it, then wipe the other and reinstall windows?
There's no way to "deactivate" a RAID 0 configuration and keep the data - removing any hard drive from the array renders the remaining ones useless, as any individual file can be split every which way across the individual drives in the array.
You're going to have to get something to make a backup of your larger files while you wipe the system. While you're spending the money I'd recommend getting an IEEE 1394 external drive, and back up any files you need onto it. Once you've wiped the main drive and reinstalled Windows, set up the external as a backup device.
Crayz' "Linux on a CD" suggestion might work for you, but the viruses I've dealt with have left so much crap behind, even after being found and destroyed, that it's more convenient for me to simply make a backup and start over. YMMV.
Posted: 2008-04-22 11:03am
by Lazarus
Twin striped? You mean RAID 0, as in two hard drives with striping to make them look like one?
Yeah that's what I mean, and the TRK looks like a good idea, I'll give it a shot.
Posted: 2008-04-22 11:13am
by Lazarus
Masami, the Avira program you recommended won't uninstall. There's no uninstall option in either the program or its start menu folder, when I try to get rid of it from control panel it says it's already gone, and if I try to manually delete the Program Files folder it says 'access is denied'. What is this shit? I can't run another anti virus until this one is gone.
Posted: 2008-04-22 12:46pm
by Rin
I'm also recommending backup + nuke, just make sure to scan your backups.
F-Secure has a similar Rescue CD to the one Crayz posted (Thanks), but it only uses their scanning engine and doesn't have anything else: F-Sec Rescue CD
You could try to run an online scanner, like this F-Sec one. (Win 32bit, IE, JS, ActiveX required...) If it works, do not let it decide what to remove... It wanted to remove an FTP server from one of my machines when I ran it.
AVG Free, avast! Free and that Avira are free and should work with Vista. (Also with 64bit, unlike my current paid solution...)
Did Avira tell you what virus it found?
Posted: 2008-04-22 02:34pm
by Lazarus
I tried the Rescue Kit but I couldn't get it to work - I wrote the .iso file to disc then tried to boot from the disc but I just got an error message with the standard 'start windows normally', 'safe mode' etc. Maybe I'm missing something though.
I managed to get AVG working and it found 4 trojan horses which it promptly deleted, I then did a system restore to the 19th and everything seems to be ok now, though I'm going to have to reinstall AVG. It also got rid of that Avira rubbish - as far as I'm concerned if a program doesn't have an uninstall function it's A Bad Thing.
I'll try and find a firewall that works with Vista, when I looked for one upon getting this PC nothing was compatible, hence the lack of firewall or AV, though that was a bit ago now.
Thanks for the help folks! Thankfully this thread was helpful in contrast to the thread I posted on a tech support forum where it was ignored, probably because it was beneath the notice of the PC elitists there.
Posted: 2008-04-22 03:13pm
by Kitsune
I am unfamiliar with Vista... still even using 98 SE on my laptop... but XP has a built-in firewall. Doesn't Vista or does it have problems?
Posted: 2008-04-22 03:20pm
by RThurmont
What, you couldn't have just stuck Avira AntiVir or something on your computer for free if absolutely nothing else? There's no excuse not to have ANY firewall or antivirus now or a few months ago, dude.
Yes there is, since AV software is increasingly unreliable and ineffective (see this example), and totally unnecessary for the competent user.
I concur with Adam's nuke-and-reinstall suggestion.
Edit: typo
Posted: 2008-04-22 03:36pm
by nickolay1
RThurmont wrote: Yes there is, since AV software is increasingly unreliable and ineffective (see this example), and totally unnecessary for the competent user.
I'd have to agree. Not a single infection in years, with no AV installed. An online file scanner sufficed for the handful of instances where I deemed it necessary to check individual files.
Posted: 2008-04-23 02:40am
by Crayz9000
Lazarus wrote: I tried the Rescue Kit but I couldn't get it to work - I wrote the .iso file to disc then tried to boot from the disc but I just got an error message with the standard 'start windows normally', 'safe mode' etc. Maybe I'm missing something though.
Two possibilities there...
1) Did you just stick the .iso file on a disk? That won't work since the iso is actually an image of the disk itself, i.e. a 1:1 representation of the CD. If you have Nero, you can choose Burn Image to CD to write a .iso file, or if you don't have that, there's a lovely program called ISO Recorder that is a simple two-step wizard for burning images.
2) Your BIOS is not set to boot from CD. You'd have to enter the BIOS setup (on most computers, pressing DEL, F1 or F2 during the initial splash screen takes you there), then find where the boot order is listed and place the CD-ROM drive ahead of the 1st hard drive.
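Added example, not part of the thread: a check for the first possibility above. A disc burned from the image carries an El Torito boot record next to its ISO 9660 primary volume descriptor; a data disc that merely holds the .iso as a file does not, so the BIOS falls through to the hard drive. The sample images and volume names are constructed for illustration.

```python
SECTOR = 2048
FIRST_DESCRIPTOR = 16  # ISO 9660 volume descriptors start at sector 16


def volume_descriptors(image: bytes):
    """Yield (type, sector bytes) for each volume descriptor up to the terminator."""
    sector = FIRST_DESCRIPTOR
    while (sector + 1) * SECTOR <= len(image):
        block = image[sector * SECTOR:(sector + 1) * SECTOR]
        if block[1:6] != b"CD001":      # standard identifier missing: not ISO 9660
            return
        yield block[0], block
        if block[0] == 255:             # volume descriptor set terminator
            return
        sector += 1


def inspect_image(image: bytes) -> dict:
    """Report whether the bytes are an ISO 9660 image and whether it is bootable."""
    result = {"iso9660": False, "el_torito": False, "volume_id": None}
    for vd_type, block in volume_descriptors(image):
        if vd_type == 1:                # primary volume descriptor
            result["iso9660"] = True
            result["volume_id"] = block[40:72].decode("ascii", "replace").strip()
        elif vd_type == 0:              # boot record
            ident = block[7:39].rstrip(b"\x00")
            result["el_torito"] = ident == b"EL TORITO SPECIFICATION"
    return result


def _descriptor(vd_type: int, body: bytes = b"") -> bytes:
    return (bytes([vd_type]) + b"CD001\x01" + body).ljust(SECTOR, b"\x00")


def build_sample(volume_id: str, bootable: bool) -> bytes:
    """Constructed minimal image: system area plus volume descriptors only."""
    pvd = _descriptor(1, b"\x00" + b" " * 32 + volume_id.encode().ljust(32))
    boot = _descriptor(0, b"EL TORITO SPECIFICATION") if bootable else b""
    return b"\x00" * (FIRST_DESCRIPTOR * SECTOR) + pvd + boot + _descriptor(255)


if __name__ == "__main__":
    # Constructed samples: a rescue image burned correctly vs. a plain data disc.
    print(inspect_image(build_sample("RESCUE_CD", bootable=True)))
    print(inspect_image(build_sample("MY_FILES", bootable=False)))
```

To check a real download or a disc read back to a file, pass its bytes (the first 64 KiB is enough) to `inspect_image`.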