A viral problem

[Final_metroid]

Some time ago, I got a virus off of god knows what and I got infected by a worm called "taquito.exe." Unfortunately, I was in admin mode so the virus was able to wreak havoc and managed to kill essential windows processes while causing a BSOD when I tried to start-up again.

From preliminary research, it seems taquito resides in a restore folder on my drive. Although I am using another computer at the moment and have migrated much of the files I wish to save in case I want to wipe the hard drive, I would also like to find out if deleting the folder that harbors taquito could rescue my old computer (assuming all taquito does is kill processes and not hard data...)

Thanks to any help in advance!

[Late Mistakes]

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fHamweq.gen!C

[Final_metroid]

Since i'll only be able to slave the drive, one thing I've heard is that viral scans can be less effective because the virus scanner doesn't have access to active processes on that computer. The solution you posted says that the virus has some registry integration, and I'm iffy about trying to delete the virus manually because any Macs I slave it to can't interact with the NTFS format and any Windows OS I slave it to will refuse to bypass the file permissions still on the drive.

I'll use the tool on the drive via custom scan and see what happens

[Late Mistakes]

Keep the computer off any network, scan the drive as a slave, remove what you can, scan the drive as a master.

[prophetik music]

if it's causing a BSOD, it's because it's either broke your partition table or it's managed to delete essential windows processes that are required to reboot.

i'm assuming you've already tried to boot into safe mode. your best option here is to just back up your files with an external enclosure onto another hard drive and reinstall windows.

isn't this like the fifth time your computer got hosed by a virus? stop torrenting and P2Ping, man

[Final_metroid]

I mean, I havn't posted on the Help section in awhile... but chagrin aside, bleh. I guess it is logical to assume that the system will still be kaput even if I remove the viral files...

So far, I used a Mac to migrate the files from the hard drive to an external mac formatted hard drive that I borrowed from a friend. My own external drive is NTFS, so I might have to do a roundabout route of transferring from the mac drive to USBs, then logging onto a windows computer to transfer data from the USBS onto my own drive (All of these steps HOPEFULLY with no loss of data integrity...)

Something I should mention is that the whole reason I used a mac to migrate the files was because any windows system I used to interface with the drive refused to copy files off the hard drive because it was all protected for some reason (whether this is the viruses doing or my own oversight I don't know). If I successfully migrate all my files, will the old file permissions still be on them from the old computer?

[Late Mistakes]

You alluded to a single BSOD, so we can only guess if the drive is kaput, it could have cause the problems prophetik mentioned, or even been bit shifted.

Not knowing the size of your files needed for transfer I suggest a program like www.dropbox.com/ to make this a bit easier.

The files may have become read only, or needed admin permission to access, so that might be the problem on using the windows to windows transfer.

They should keep their old permissions if you are referring to read only, write, etc.

[prophetik music]

likely the drive isn't toast. he'd be getting write errors aplenty when attempting to transfer the data off if it was. likely it's a rootkit infector that ate his boot.ini and related files.

with any version of windows, if you've turned off simple file sharing, you can easily go in and change, remove, or reset permissions, owner, etc on any file in any folder. it's how we used to delete the Vista and W7 folders in XP, where they're normally blocked from doing so thanks to administrative rights and file permissions.