Virus

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

• **** If something does not run, write down the info to explain to us later but keep on going. ****
• Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

• After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!

Helpful Notes:

1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
   
   
   • Starting your computer in Safe mode
2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this aother user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
   
   • Don't Bump! It Only Hurts You!!!

Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
​

 

Either try doing it in safe mode or use a different computer to download the scanning tools and transfer them via usb thumb drive or a cd.

 

Try creating this disc and boot to it. ( You will need to change your bios so it boots to the cd-rom first ):
Kaspersky Rescue Disk.

 

Yes, if you can. If normal mode is viable, then you can still either create that disc ( using a different computer ) or if you have downloaded MBAM, SAS, ComboFix and MGTools to a cd/ thumb drive, you can try installing them on the infected computer.

 

And you can't log into safe mode? Do you have your install cd?

If you do, you could try doing this:
Here is the link to the MS article How to recover from a corrupt registry.

Otherwise, you should try the Kaspersky disc.

 

Yes, just like doing a clean install, you need to boot into the bios and change the boot order to cd-rom first device. I am not sure which key your system wants to get into the bios, it could be f12. Not sure. It will flash briefly when you first boot up before the OS starts to load.

 

Aarrgghhh!!! Try creating it again, or you can try any of these:

• http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
• UBCD4Win
• http://www.sysresccd.org/Main_Page
• http://trinityhome.org/Home/index.php?wpid=1&front_id=12
• Kaspersky Rescue Disk.
• BitDefender Rescue Disk-with-auto-update.

 

There should be an option to scan your hard drive. :confused

 

Do you have your OS cd? You may want to try doing a repair install. This may not be a malware issue.

You could use the UBCD4Win disc to boot into so that you can get your files and data off to a backup source. That way if you absolutely have to, you can do a clean install.

 

That is just the drivers disc. You would need the original OS cd. Surely someone knows where you have those stored for your office computers.

 

As long as it is the OS for your computer, then yes. I am guessing that maybe all the computers in your office are the same and this is an OEM disc. Do you know how to do a repair install?

 

Boot to the OS cd. Hit enter when is prompts you to hit any key to boot to the cd. You will be asked if you want to do a repair (R) or an install. Do install. It will then find your previous install and ask if you want to repair. This time do choose R. Then it will just start loading all the files.

 

Good to know. Do run the scans and attach the logs when you are ready.