Teh C0mput0rz is El Broken



truemane
2010-02-18, 03:41 PM
Hey there, Playground. If there's one thing I've learned here in the past few years it's that, between you, you all know pretty much everything there is to be known.

And so it is to you, the Playground, that I turn in my hour of need in the confident hope that your collective expertise will save me.

My wife's laptop got a nasty piece of malware. It was called Antivirus Plus and it did that thing where any time you did anything it popped 75 windows talking about how you've got all these viruses and click to remove them and all that.

No problem. I'm good at this stuff. So I boot the bad boy up in Safe Mode and run Spybot and AVG Antivirus and we get a few threats and I remove them. At the same time I went into Control Panel and Uninstalled the program causing all the trouble.

I then rebooted the machine so I could run Ad-Aware (which for some reason never works for me in Safe Mode), but then we hit the problem:

Black screen. Mouse Cursor. Nothing else. Ever.

So I reboot (the nasty way, with the power button) and try to go into Safe Mode again. No good. I go into Safe Mode and it logs and logs me right back out.

So, basically, I'm stymied. I can't actually access the computer. There isn't much on there that's irreplaceable, but there are some things that are close. So I'm loath to just wipe it and start over.

I tried going into the thing using Recovery Console, but the folders where the good stuff is are not accessible. Probably because they're user-specific folders and they're not Shared. Or whatever you call it.

So. What can I do? Does anyone know what causes/caused this issue? Can it be fixed? Can I reinstall some of windows and leave what's already there untouched?

But failing that, even if I could access the folders (C:\Documents and Settings\Username\Desktop\Stuff I Can't Replace) then I'd be fine. Copy to CD or Flash Drive, I could just format the whole thing and re-install from scratch.

I'm running Windows XP, SP3 (I'm pretty sure anyway) on a Dell Vostro Laptop.

Help me, Playgrounders in the Playground, you're my only hope.

valadil
2010-02-18, 03:46 PM
With that much malware you're better off reformatting than trying to clean it all.

To get access to the data already on the machine, I recommend knoppix. It's a linux distro that boots off a CD and won't install to your hard drive. Boot from that and you should be able to copy off your data to another machine or a flash drive.

I also recommend making a patch CD if you do the reinstall. Put antivirus, antivirus updates, spybot, adaware, drivers, windows updates, and firefox on it. When you reinstall windows don't turn on any internet connection until you've installed everything on your CD. I've seen windows machines get owned in the time it takes to download new antivirus software.

purple gelatinous cube o' Doom
2010-02-18, 03:59 PM
I suggest that after your computer is up and running again, that you either go get an external hard drive, or subscribe to Carbonite (it's around $60 a year I believe). That way you have a space to have those files you can't replace in other areas so you don't have to worry about losing them in the future.

Rutskarn
2010-02-18, 04:13 PM
I'm running Windows XP, SP3 (I'm pretty sure anyway) on a Dell Vostro Laptop.

Hey, me too!

I have less than no idea how to fix it. That's pretty much the only contribution I have to give, here.

I named it Vatsy.

Archonic Energy
2010-02-19, 04:16 AM
do you have a desktop handy?
which version of the Dell Vostro do you have?

you'll need a Phillips head screwdriver.

Shikton
2010-02-19, 06:11 AM
You could also buy an external hard drive chassis/docking before you wipe everything. Take out the HD, put it in the chassis/docking, access it via another computer, backup everything you need, put it back in the other computer and wipe. Easy peasy.

Of course, no guarantees the HD won't infect the healthy computer.:smalleek:

Rawhide
2010-02-19, 07:45 AM
Unless you've used encryption (highly unlikely) every single one of those files can be accessed and backed up before formatting. If someone has physical access to your computer, it has no security.


You will either need an external hard drive or a second computer.


If the best you can get is an external hard drive, boot the computer with an alternate operating system from some form of bootable media. A Linux based Live-CD will do the trick, as will The Ultimate Boot CD for Windows. The recovery console can actually do it just fine too, but you will need to do it all from the command line. Note, an alternative OS could also be a bootable drive imaging software such as Norton Ghost or Acronis True Image.

Once that has loaded, copy what you want to the external drive. You may need to "take ownership" or change the permissions of the files.


Alternatively, remove the hard drive, plug it into a second computer (depending on configuration you may need a 2.5" to 3.5" drive adaptor or external hard drive kit), then copy the data across. Again, you may need to "take ownership" or change the permissions of the files.


Be careful of allowing your computer or the second computer to be reinfected.

Yarram
2010-02-19, 07:50 AM
It's already been said, but I further support downloading a Linux live CD and using it to back up your hard drive.
Alternatively, you could possibly get away with just installing windows on top of the current version without deleting files and folders.... But I wouldn't risk it.

daecrist
2010-02-19, 08:22 AM
Everybody has covered just about everything that I was going to say. USB to SATA/IDE cable, pull out the HD and grab anything you want to keep, make sure to run numerous antivirus scans on whatever you recover. Nuke it from orbit, only way to be sure, etc.

But you might also want to look into the behavior that allowed the computer-eating virus to get on there in the first place. I know it can be a sensitive subject as I went through it with my wife a few times. The first time I chalked it up to bad luck, the third time I was nuking the HD and reinstalling I started asking some questions and discovered Limewire was the problem. After explaining the dangers, no more computer meltdowns.

So it might've just been bad luck, but it doesn't hurt to ask a few questions and try to educate the less tech-savvy about some of the dangers out there and how to avoid them.
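
The live-CD rescue several replies describe (copy the data off, then scan what was recovered before trusting it) could look like the sketch below. It is an added example, not part of any post in the thread; the function name `rescue_copy`, the device name and the mount points are assumptions, and it relies on GNU coreutils and findutils as shipped on typical Linux live CDs.

```shell
#!/bin/sh
# Added example (not from the thread). Typical use from the live CD, with
# device names and mount points as assumptions:
#   mount -o ro /dev/sda1 /mnt/win      # infected disk, read-only
#   rescue_copy "/mnt/win/Documents and Settings/Username/Desktop" /mnt/usb/rescue

# File types that can run code on Windows; set aside until scanned.
RISKY_RE='.*\.(exe|scr|com|pif|bat|cmd|vbs|js|lnk|dll|inf)'

rescue_copy() {
    src=$1
    [ -d "$src" ] || { echo "source not found: $src" >&2; return 2; }
    mkdir -p "$2/files" "$2/quarantine" || return 2
    dst=$(cd "$2" && pwd)               # absolute path, survives the cd below

    # Copy contents only; the read-only source is never modified.
    cp -R --preserve=timestamps -- "$src/." "$dst/files/" || return 1

    # Hash every source file, then verify the copy against that manifest.
    ( cd "$src" && find . -type f -exec sha256sum {} + ) > "$dst/MANIFEST.sha256"
    if [ -s "$dst/MANIFEST.sha256" ]; then
        ( cd "$dst/files" && sha256sum --quiet -c "$dst/MANIFEST.sha256" ) || return 1
    fi

    # Move executable-looking files (including photo.jpg.exe style names
    # and autorun.inf) out of the tree that will be opened later.
    ( cd "$dst/files" && find . -type f -regextype posix-extended \
        -iregex "$RISKY_RE" -exec sh -c \
        'for f; do mkdir -p "$0/$(dirname "$f")" && mv -- "$f" "$0/$f"; done' \
        "$dst/quarantine" {} + ) || return 1

    # Report how many files were quarantined for scanning.
    find "$dst/quarantine" -type f | wc -l
}
```

The files left under `files/` are documents and pictures only; anything in `quarantine/` should be scanned on the clean machine before it is opened or copied back.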