Been trying to get rid of security virus for days. Thought I was successful, however, when trying to run any type of malware or AVG scan in safe mode my computer shuts off. Can someone help please?
You are still infected. You need another computer to download the program to and then put it on a flash drive, then install the program on the infected computer with the flash drive and run it. Click on the link below for the program I use. You did not tell us what you already tried, but this program is good for disinfecting 95% of the nastyies out there. Intsll and let the program update. Run the quick scan only and when the scan is complete it will ask you to click on the "show results" button, do so and it will list all the infections on your system. Click on the "remove Selected" button, this will either delete, fix or quarentine the affected files.
http://www.filehippo.com/download_malwarebytes_anti_malware/
Testimonial: "I can't thank you enough. I know just enough to click myself into trouble and not enough to get out of trouble when I get there. All great now!"
Thanks for getting back to me.....did this virus shut off your system restore? if not, check your restore points....you may be able to restore the system back a few weeks to a point well before you were hit with this. If you have restore points, this is almost a fail safe way to rid yourself of this demon.
A system recovery will delete all your files and recover the system back to factory defaults....system restore gives you many, many different restore points to back the computer up to just in case somethings messes something up and you don't lose any of your personal files, even ones that would have happened recently. System restore only changes the registry keys and program installations, not your personal files....
Just make sure that you are not online when you are trying figure this out, especially if your programs are not yet installed, just flip the switch to the wireless radio to the off position. MalwareBytes will still pick up any malware regardless if it is benign or not. Try the fix below, I want to make sure this isn't a windows boot problem, bott off the windows install disc and follow the guide below.
Windows Start-up Errors
Step one, you need a Windows Installation CD. If you only have a recovery disk set like the ones from HP or Compaq they will not do what you need done. Under normal circumstances however, you can use a Dell disk because the Operating system is on a stand-alone disk. All retail versions are also acceptable as well as upgrade disks. For a rule of thumb, if the disk has the Microsoft hologram it should work.
While the computer is first starting up and you see the manufacturers splash screen, tap F12 (some computers it’s F9, others it may be another key, you may have to watch and see if the computer lists the key strokes for getting to the boot menu. If you still cannot find it, boot into the BIOS settings and change your boot order there. Save your settings and exit, the computer will now seek the cd rom as its boot source first.
Place your Windows disk in the computer and start it up. When you see the test at the top of the page “Press Any Key To Boot From CD” Just hit the space bar to activate. The next screen you will see will most likely be a Windows setup screen, when you see this press the “R” key to get to the recovery console. It will get there, it may take a little time, patience. Once it loads you will be given a choice of Windows installations, there should only be one, if there are more, always pick number one. It may ask for an administrators password, if you have not set this particular password, then just leave it blank and press enter. The next prompt you see is:
C:\Windows>
You need to type the following:
cd \
hit enter. Pay close attention to the spacing between the characters. There is a space between the character “d” and the “\”
You are now at the ROOT of the drive, this is where basic commands can be given and changed. You should now see the following:
C:\>
Now type the following:
CHKDSK /R
Hit the enter key.
The chkdsk /r command also includes the P command and will also look for lost recoverable information in bad sectors.
There are occasions depending on how corrupt the system is, that this process could take several hours, so be patient with it.
Now, after chkdsk has run type the following:
FIXBOOT
Hit the enter key.
It may prompt you with a warning, that’s ok, just continue. When fixboot has finished, type: EXIT hit enter and windows will reboot. When the system reboots, tap the F8 key during this time and you will see the multi-boot menu come up. Scroll to the title “Last Know Good Configuration” and hit the enter key. If you were having some simple drive errors this should have fixed them.
That is really curious why the fixboot was not recognized....it is a mainstay DOS command. The ComboFix you ran should have been a good program to run, I'm thinking it somehow got corrupt. My greatest concern at this point is that there have been so many scans and the quarantine of numerous system files, that the Master Boot Loader will fail and /or Windows will become un-repairable. Did you download an anti-virus program called Avast 5.0? It is very good at scanning systems in the pre-boot area, after it installs, you can go to the settings and schedule a boot scan on the next boot. What is good about this is that your system will get scanned beofre the main Windows system files are initiated...therefore they get scanned as well. If it finds a virus or infection, it will give you choices of what to do, from ignoring the file, to try and fix the file, to delete the file, to moving the file to a chest...etc. The program can be found here.....
http://www.filehippo.com/download_avast_...
You always want to try and fix the files before you quarantine or delete. NEVER delete a system files in Windows....that is what will doom the operating system, those files have to be cleaned or at least quarantined.
Lets reboot the system normally and see if the machine will operate correctly. I do not believe it is necessary to run the scan in safe mode because safe mode does not allow these services to run, that is why it is safe mode....only essential services run to allow windows to boot. Avast will do a preboot scan, just schedule it in the options list. This will scan all windows files before boot up. Once the system is up and running and appears stable, perform a disc defragmentation and reboot.
You only have to run Avast in pre-boot mode when you suspect a problem. Most scanners will not operate in safe mode because their services are not started. You did great......Just defrag now and run your scans once a week and you should be fine.
×
test all power and data leads that attach to your hard drive the leads from your
(motherboard to your hard drive) Sata make sure they have dust free secure connections and are not faulty or just replace them they could be faulty
make sure all leads that are attached to your drives dvd\cd have secure connections and are not faulty
even something as small as a faulty fan lead can cause you problems a computer needs all of the power and data to travel through every working device and to
have an end for a computer to be able work properly
make sure your graphics card is securely seated with no dust you might need to get rid of the virus first Windows Advanced Options Menu Please select an option: Safe Mode Enable Boot Logging Start Windows Normally Return to OS Choices MenuSelect safe mode with networking to download http://www.microsoft.com/en-us/download/virus-malware.aspx?q=virus anti virus and malware http://windows.microsoft.com/en-US/windows/products/security-essentials your operating system must be registered and activated microsoft security essentials Anti-virus and anti-spyware solution Xp http://100-downloads.com/download.php?p=614 Anti-virus and anti-spyware solution windows 7 64 bit you could download and run just the Anti malware program or any other you might need after you have run the Anti malware program
then try it if it does not work
try in safe mode
or try safe safe mode to download or run your antivirus software
or even safe with a system restore
Restart your computer repeatedly tapping the f8 key to enter safe mode while the screen is black once in safe mode where the only things working will be your keyboard and mouse allowing you to attempt to repair your computer
Safe Mode with Networking
Safe Mode with Command Prompt
Enable VGA mode
Last Known Good Configuration (your most recent settings that worked)
Directory Services Restore Mode (Windows domain controllers only)
Debugging Mode
Reboot
http://100-downloads.com/download.php?p=615
hope this helps
1,423 views
Usually answered in minutes!
I have already downloaded malware bytes to a CD and then installed it on the infected computer. When I run a quick can it does not find anything. I have also run a longer scan and it does not find anything. I also ran AVG which found nothing. The first time I ran each it did find something. I thought it was rule of thumb however to run in safe mode to be sure. Unfortunately I can't run any of them in safe mode. I have also searched the registry for exe files that don't belong there and have not found any since I did a recovery. If I can add any more info that would help you to help me, please let me know. I know I am further along because at least I can run regedit and task manager and go online. I am running Windows XP media edition.
Thanks.
I had shut off system restore to do one of the functions along the way so I don't have any. Wouldn't doing a system recovery even be better than a system restore? I just reran malwarebytes and now it found 2 infections on the quick scan. UGHHHH. It was running clean before.
I had shut off system restore to do one of the functions along the way so I don't have any. Wouldn't doing a system recovery even be better than a system restore? I just reran malwarebytes and now it found 2 infections on the quick scan. UGHHHH. It was running clean before.
I had shut off system restore to do one of the functions along the way so I don't have any. Wouldn't doing a system recovery even be better than a system restore? I just reran malwarebytes and now it found 2 infections on the quick scan. UGHHHH. It was running clean before.
I know the difference between the 2..I just meant isn't recovery better than restore to get rid of the virus. I was really getting nowhere and after 4 days decided to do that. And like I said I can now run my anti-malware and anti-virus...just not in safe mode. I backed up all my data files and yes my computer was set back to factory default. I have not started reloading programs until I am sure it is all gone which I don't believe it is. What would cause the virus scan to run clean 1 time and then the next to find infections. what would cause the machine to shut down in the middle of checking for a virus? Is there something I can send you that would help you figure this out better? I really really appreciate your help.
Thank you.
I know the difference between the 2..I just meant isn't recovery better than restore to get rid of the virus. I was really getting nowhere and after 4 days decided to do that. And like I said I can now run my anti-malware and anti-virus...just not in safe mode. I backed up all my data files and yes my computer was set back to factory default. I have not started reloading programs until I am sure it is all gone which I don't believe it is. What would cause the virus scan to run clean 1 time and then the next to find infections. what would cause the machine to shut down in the middle of checking for a virus? Is there something I can send you that would help you figure this out better? I really really appreciate your help.
Thank you.
going to sleep now...any comments you make after this I will look at in the morning. Again, I appreciate all your help and have a good night :)
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
I have Avast not sure if 5.0. I will try and see if I can get that to work. I did goodgle fixboot and vista and there seems to be some issues with that. I was using my daughter's Dell CD which is Vista. All I have are the HP recovery CDs. Should I do anything with those files that AVG found before I run Avast?
Again, thanks for sticking with me.
I have Avast not sure if 5.0. I will try and see if I can get that to work. I did goodgle fixboot and vista and there seems to be some issues with that. I was using my daughter's Dell CD which is Vista. All I have are the HP recovery CDs. Should I do anything with those files that AVG found before I run Avast?
Again, thanks for sticking with me.
Hi again. So I did what you said above except for FIXBOOT was not recognized. So I did reboot and hit last known good configuration. I ran malwarebytes on quickscan and it found nothing but my AVG found
"C:\Qoobox\Quarantine\C\WINDOWS\system32\ritibiji.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\vobulofo.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
"C:\Qoobox\Quarantine\C\WINDOWS\system32\yizuwedu.dll.vir";"Trojan horse Vundo.KE";"Moved to Virus Vault"
Now what?!??! Am I ever going to get rid of this virus? I have not tried to run in safe mode and do scan yet. I am going to wait for instrution to continue. I think my problems got worse when I ran combofix at the beginning of the week before asking anyone for help and it had a bug and started deleting files. I used their fix but have had problems since then. Just grabbing at straws now. Let me know what to do next please. I won't touch anything until I hear from you.
Thanks.
OK...so here is where I am...when running Avast boot scan no infected files show up. When running malwarebytes full system scan no infected files show up. And when running AVG no infected files show up. At least on last scan...haven't run again but hoping I don't need to. However, I still can not run a scan in safe mode. It gets to a certain point and my computer shuts off..doesn't restart just shuts down. Can I safely assume that this virus is finally really gone? And what should I do about the safe mode issue?
Thanks.
OK...so here is where I am...when running Avast boot scan no infected files show up. When running malwarebytes full system scan no infected files show up. And when running AVG no infected files show up. At least on last scan...haven't run again but hoping I don't need to. However, I still can not run a scan in safe mode. It gets to a certain point and my computer shuts off..doesn't restart just shuts down. Can I safely assume that this virus is finally really gone? And what should I do about the safe mode issue?
Thanks.
OK...so here is where I am...when running Avast boot scan no infected files show up. When running malwarebytes full system scan no infected files show up. And when running AVG no infected files show up. At least on last scan...haven't run again but hoping I don't need to. However, I still can not run a scan in safe mode. It gets to a certain point and my computer shuts off..doesn't restart just shuts down. Can I safely assume that this virus is finally really gone? And what should I do about the safe mode issue?
Thanks.
Yes it looks like it is working fine. Should I always have Avast run on bootup...it takes a long time. Maybe there is a setting I should check to allow it to go faster. I just thought perhaps something wasn't running properly because safe mode always shuts down and that is where I usually run my scans to make sure all is gone. I'll do a defrag and reload programs and go from there...sound good?
Yes it looks like it is working fine. Should I always have Avast run on bootup...it takes a long time. Maybe there is a setting I should check to allow it to go faster. I just thought perhaps something wasn't running properly because safe mode always shuts down and that is where I usually run my scans to make sure all is gone. I'll do a defrag and reload programs and go from there...sound good?
×