Computer restarting after a minute

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by nimrod891, Jul 29, 2012.

  1. nimrod891

    nimrod891 Private E-2

    Hello,
    This morning I was planning on downloading a patch for the demo of PES 2013, and I looked at one of the screenshots in the comments.
    It was really a picture but looks like it also had malware in it.
    At first I got the problem of something called Live Security Platinum. Some fake program trying to force me to buy their products. It also disabled many features in my PC.
    Eventually I got rid of it by running malwarebytes in safemode, then I had a new problem when I returned to normal mode. I reinstalled Microsoft Security Essentials and got this message saying "Windows has encountered a critical problem and will shut down in 1 minute, please save your work".

    Ever since then, I didn't manage to fix the problem. Few times before the shutdown MSE detected a trojan called sirefef, but when I clicked show details and chose "remove" for both trojans, the process took too long and the computer restarted as usual.
    This happens in safemode as well.

    I tried to use the option called "Disable windows restart in case of critical warnings" or something along those lines (Found in the booting menu when I press F8 on loading).

    I also tried various tools, something with a panda ZAccess tool, and more types of removers, no luck (or took over a minute).
    I figured if I manage to prevent the shutdown, ill be able to fix it, but using "shutdown.exe -a" does not work to abort the shut down.

    Some details, my PC is a desktop running vista 32 bit OS.

    Now after all other things failed, I decided to try Kaspersky Rescue Disk 10. I burnt the iso and booted my system from it, I have it open etc and I encountered a problem trying to update the databases - Even though I am connected to the internet, the process starts and when completed it still does not say the databases are "Up to date" with green lights, it says something else with red lights "Obsolete".
    I finally decided to ignore it and still run a scan just in case it might help, I am currently at 13% complete and I hope it will work, but just incase it won't I am writing here. I don't think it will work with outdated databases.

    I cant think of any other information I can provide at this point, I would really love some help from you guys. I also noticed my UAC and firewall were disabled if that helps.

    Thanks in advance!
     
    nimrod891, Jul 29, 2012
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    [​IMG] For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    To enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Choose your language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.
    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply. (How to attach)
     
    Kestrel13!, Jul 29, 2012
    #2
  3. nimrod891

    nimrod891 Private E-2

    When I press F8 after the motherboard screen, I enter the Advanced Boot Options and I have the following options:

    Safe Mode
    Safe mode with networking
    Safe Mode with Command Prompt

    Enable Boot Logging
    Enable low-resultion video (640x480)
    last known good configuration (advanced)
    directory services restore mode
    debugging mode
    disable automatic restart on system failure
    disable driver signature enforcement

    start windows normally



    ^ those are all the options I have, but non of them say Repair Your Computer. Which one should I choose?

    Thanks for your help!
     
    nimrod891, Jul 30, 2012
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    If you really cannot complete the below in normal mode try safe mode.

    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSkiller - How to run


    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.




    Now do not stop, please continue on with the below instructions too! :)
    v
    V
    V
    V
    READ & RUN ME FIRST. Malware Removal Guide
     
    Kestrel13!, Jul 30, 2012
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds