same prob, more diagnostic information, recovery possible?
Carol, as someone else who has been hit by this, let me say I'm really glad to see someone take an active interest in it. Your words here are encouraging.
I followed the removal instructions at http://www.bleepingcomputer.com/virus-removal/remove-windows-diagnostic
And it seems like I've gotten the malware removed, but my files are still missing. As with the OP, I'm strongly motivated to recover the data, as it is the sum of a lot of work. (2+ years, and I need it to graduate).
I did follow the instructions, running rkill and malwarebytes. Malwarebytes has quarantined 6 files and 1 registry entry.
During the phony error messages, before I got it cleaned out, it threw out warnings about hard drive errors and being unable to save some files, etc. But the messages seemed consistent with the description of phony warnings, so I wasn't too worried.
Anyway, I *think* I have it cleaned out. But as I mentioned, my files are still missing. My OS is windows Vista, and when I navigate to the users folder in my c drive, the admin account folder is missing; there's only a guest and public folder. (As a backdoor?-> )I can use the search function to find a few specific files in the downloads folder of my account, but I can't find them all that way. Further, when I navigate to the download folder in the directory pane (not through the c drive/users), it appears to be empty. Also, the documents, pictures, music, etc, folders appear to be empty when checked like this.
The three or four quick icons (firefox, show desktop, cycle active pane, etc) that sit in the (system tray? Taskbar?) Immediately to the right of the start button have also disappeared.
As a point of interest, on start-up, a calendar program called rainlender, that I've been using for a long time throws an error message that it cannot open a .log file that is kept in c:\users\adminuseraccount\.rainlender2\rainlender2.log. It says " (error 5: access is denied.)
The hard drive capacity/usage seems to be what it was before this problem, if I remember correctly?
I have not tried a rescue disk, and unrelated, the optical drive is dead, but flash drives work for loading things if I couldn't download them. It seems to be able to navigate the web fine.
While searching (for this post it seems ), I came across this link http://www.socialblogr.com/2010/09/how-to-restore-files-hidden-by-virus-on-windows-7.html, which discusses what sounds similar on a windows 7 computer, while I have vista, I'm wondering if this is a direction we should consider?
I'm wondering is if the files are still there and can be restored without resorting to more dramatic means, such as a recovery program?
Was this reply helpful? (0) (0)