Oh, the luck I've been having lately...

Recently, I've been having some performance issues and have been doing work I wouldn't normally do to a healthy CPU.

I removed Norton Anti-Virus/Firewall last week because I was told its a system hog. I replaced it with Zone Alarm, but hadn't got to installing a new anti virus software(Avast) before what I think is a virus happened.

I returned home from work saturday to my spouse saying, "I didn't touch the CPU!" Strange to hear words like that, I said "why?" She urged me to go look and when I did.. There were more windows popped up on my machine then I could count. Most of them saying something like spyware/virus in the title, but they looked more like a suspcious ad then an alert from my pc.

I turned off PC, restarted in safe mode. Ran Spybot but it only gave an error and wouldn't work. Installed an old free copy of Adaware, and it worked but.. it only found a couple of data miners. I did a system restore. (*thinking that had always saved me before*) When the machine rebooted after a successful restore, the screen went black after the initial Windows screen came up.

The point I'm at now is, what can I do...

I have pictures that aren't backed up that are still on the HD. How do I get them written to CD? Safe mode wasn't allowing me to write anything to CD or DVD, saying something to the effect of *invalid drive* or *not accessable*

While I don't want to have to reinstall the OS, I would do that if there is no hope.. but I do need to get some data off the HD first and I'm not experienced with safe mode.

Any advice would be greatly appreciated.

Well, you could borrow a hard drive from someone with an OS on it, boot from it as a master drive (with your current drives set as slaves) and copy what you want. Be careful thou, some virus can spread between drives.

I should mention if it wasn't clear, I can still boot up in safe mode and see everything. Its just in regular mode that the screen is black.

I don't know if buying a new anti virus program and installing it in safe mode would solve the problem, but I don't believe you can access the internet in safe mode, right? Meaning I probably couldn't register the product/update/etc.

Is there a way to copy info from the CPU while in safe mode? or is buying a new HD, installing OS, etc and plugging old drive as slave my only option. I'd really hope to not have to do that if possible.

I had to do the mentioned above to save stuff for them on my harddrive
I took her hd out and put it in my computer.
disable boot order so that infected drive is not in a boot order

you will need to check off simple file sharing, the folder your trying to copy you will need to set the security setting to your user name. document&setting lets say blow joe, proprieties,security,change to your user name now you can copy the files/folders. If there are alot of file it will take a bit to change the policies

There is a "Safe Mode with Networking" i believe.

A quick google gave this: http://forums.cnet.com/5208-6637_1 [...] ID=1963980

Maybe you can try to "Repair" your windows installation? This is what i had to do to back up some stuff when i had a similar virus, only mine deleted explorer.exe so i couldn't see anything on the desktop, and infected every .exe file in the computer. I obviously had to format after.

Hope this helps .

And here is some more information:

"Update VGA Driver

The next thing is to update the VGA driver. This time I booted into the standard VGA mode instead of safe mode and it worked. So it is very possible that the VGA driver is causing the problem. Since it is a NVIDIA card, I downloaded the most recent driver from their website. After re-installing the driver, it was able to boot normally and no more black screen. (Alright!)"

For Nvidia cards: http://www.nvidia.com/Download/index.aspx?lang=en-us

For AMD cards: http://ati.amd.com/support/driver.html

The first step I always take when I suspect there is a malware infection, is to boot from a linux live-cd (as this will make sure nothing else is running in the background), and take a backup of all essential data which is not already backed up. By doing it through linux, you will reduce (not eliminate!) the chance of the backup media being infected, and also this can be done with little to no risk of data being changed while you attempt it.

The following how-to is from my very limited memory! I will hopefully do a better write up soon if no one else has given a good response, however I will probably be busy all this weekend, so you may have to wait until next week

If you can use another computer (at work, or a friends rig maybe?) to download a distribution and burn it to CD, then you should be able to boot from the disk. I would suggest you try Ubuntu 7.10 if you have never used linux before, as this is tailored towards people who do not have much/any experience with linux, and is compatible with almost all recent hardware. You can download Ubuntu free from http://www.ubuntu.com/getubuntu/download.

Once you have booted this, it will give you a few options. Select the top option (I cannot remember what it says off the top of my head), and after it has loaded, it should give you a full graphical desktop. From here, if you have a play around (I think it is in Places --> CD Burner, but it has been too long - I will try and give a better walkthrough soon!) you should be able to find your data and burn it to disc if you have 2 optical drives, or copy to a flash drive/external hard drive if you dont.

After you have created this backup, I would suggest going to Applications --> Add/Remove Programs and searching for clamav - this should allow you to install and run a virus scanner without worrying about a virus running in the background which could be protecting itself from removal.

Sorry for the lack of memory - I'm useless!