Virus help

[Ballatician]

Hello hello

I hope this is the right forum for this, please let me know if not.

My desktop doesn't get much use these days other than being connected to my TV. Over the last couple weeks it was used by my temporary roommate who mostly just streamed video. Low and behold, something gets messed up last night.

This is a custom build with Win 7 and when I turned it on my resolution changed and this Live Security Platinum crap started running. I realized quite easily that this was a virus and started reading around. All of the instructions start with Safe Mode and since my Gigabyte motherboard doesn't allow me to get in with F8 (maybe I should have tried to find a PS/2 connected keyboard but didn't have one lying around), I went to msconfig to choose safe mode.

Now when the computer boots up, into safe mode, it lingers at the login screen and then simply restarts and does this cycle over and over again. I can't even put a password in to get in to safe mode.

I'd like to troubleshoot first before everyone says save/format, etc so does anyone have experience or suggestions? I have a laptop to connect stuff to if need be...

The OS is on an SSD and data on a regular HDD. I'd just like to go back to having my media computer back :/

TIA

 

[mechBgon]

Easy thing first, try a System Restore if you haven't already.

 

[Ballatician]

If I understand correctly, to do that I need to boot with an OS disk right? I don't have one with me but can borrow one from work I hope. Will report tomorrow on if it worked.

 

[Ballatician]

Easy thing first, try a System Restore if you haven't already.

Alright, I tried this out at last. It turns out I don't have any restore points to work off of. Any ideas on next steps?

 

[mechBgon]

One option is to do an offline antivirus/antispyware scan with bootable scanning CDs/DVDs as your opening move, then boot into Windows and scan live with some further tools, run HijackThis and analyze the logfile at http://hijackthis.de, and see if your system's clean now.

Kaspersky bootable scanning disc ISO: http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

AntiVir bootable scanning disc ISO: http://professional.avira-update.com/package/rescue_system/common/en/rescue_system-common-en.iso

Superantispyware has a portable version: http://superantispyware.com/portablescannerhome.html

Malwarebytes is often recommended: http://www.malwarebytes.org/products/malwarebytes_free/

HijackThis: http://sourceforge.net/projects/hjt/


Before launching a scan, max out all the settings. For Kaspersky, I have a cuesheet:

Hope that's some help, good luck!

 

[Ballatician]

That is along the lines of what I was thinking so I will try this tonight.

Didn't want to take a chance that I wouldn't be able to boot from my cluttered USB drive so burned the Kaspersky file to disc. Hope this gets me at least back to functional to do further cleaning as you suggested.

 

[Ballatician]

One option is to do an offline antivirus/antispyware scan with bootable scanning CDs/DVDs as your opening move, then boot into Windows and scan live with some further tools, run HijackThis and analyze the logfile at http://hijackthis.de, and see if your system's clean now.

Kaspersky bootable scanning disc ISO: http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

AntiVir bootable scanning disc ISO: http://professional.avira-update.com/package/rescue_system/common/en/rescue_system-common-en.iso

Superantispyware has a portable version: http://superantispyware.com/portablescannerhome.html

Malwarebytes is often recommended: http://www.malwarebytes.org/products/malwarebytes_free/

HijackThis: http://sourceforge.net/projects/hjt/


Before launching a scan, max out all the settings. For Kaspersky, I have a cuesheet:

I did the Kaspersky Rescue Disk but so far I am still in this infinite restart loop. I get to the login screen and it auto restarts. I guess I will try running the other bootable av's and see...

 

[Danimal1209]

Boot into windows normally. Open Msconfig and remove the program from starting up with windows. Reboot, and destroy it.

 

[Ballatician]

Boot into windows normally. Open Msconfig and remove the program from starting up with windows. Reboot, and destroy it.

I cannot boot into Windows unfortunately. At this point, I am considering a complete reinstall of windows.

Maybe use a linux cd to copy all my data off. It is going to be a real pain to re-install everything with settings so I'll try a few more AV options first.

 

[Danimal1209]

If you can't boot in to windows, then a reinstall is imminent.