This virus makes you think your entire hard drive is empty

I’ve run across the same incredibly nasty virus twice in the last three days. Please be aware of this one and don’t panic . What makes this virus so horrible is even when you clean it from your PC, it seems like ALL your files are still gone! The biggest thing you have to know is that your files (documents, pictures, music, etc.) are really still there.

You know you have this virus when multiple windows start to appear on your screen in a tiled fashion… over 30 of them! Each has a different message, like “hard drive failure” and “delayed write cache”. Then a window pops up acting like it is checking your system for viruses that you cannot make go away. Wow.

How do you clean it? I’m going to show you a method here, but this virus corrupts the Windows operating system where it is almost impossible to completely fix. Maybe in a few weeks someone will probably write a routine that will do that, but after Googling for three hours, I could not find one. You clean it by downloading a program called “rkill” to a USB flash stick & start the program. Rkill pops up a DOS box and takes about 5 to 10 minutes to run. This removes the virus from memory and allows you to run a good virus cleaner (I use Malwarebytes) that should clean the root virus. Make sure you run the cleaner before rebooting or the tiles will come right back.

Now is the very tricky part. The virus changes the “attributes” of every file and folder on your hard drive to Hidden, making you think there is nothing on the drive! The best way to fix this is to have an IT guy remove your drive, hook it up to another PC, and use Windows to “un-hide” everything. Another way is to get out to the DOS command box and run “attrib -h -s *.* /S /D”. This method lets you see most of your files, but not all of them.

Even then, the biggest problem is when you click the Start Button, and then click “All Programs”, you will probably see nothing. Your desktop might not have the icons on it you’re used to seeing. Ouch. With the two users I fixed, I simply put shortcuts to the programs they use on the desktop. This at least allowed them to work on their PCs until a convenient time came to have me back up their data again and do a complete Windows re-install. Believe me, I read enough articles in the last two days that confirm this is the only way to completely fix your PC is you catch this virus.