Severe Malware help

Billybob51106

I have a client that brought in a PC with Windows 7 64. When it boots, it pops up a program demanding money, blah blah. Well, I cannot get it closed, and when going into safe mode it reboots. Plugging the drive into a spare PC and scanning with MSE, Malwarebytes and Spybot yields nothing! I am at my wits' end, any advice?
 
I use combofix exclusively and it gets very good results. When you say it reboots in safe mode, which safe mode, with or without networking support? If you can boot into safe mode with networking support, run combofix; if not, you may have to download rkill, which allows you to kill malware processes so you can run combofix in 'normal' mode.

You can get combofix over at bleepingcomputer.com
 
Does the same thing happen when you start it under another profile other than the owners?
(might have to reset/enable the admin account)
 
My last resort is usually Super Anti Spyware. I've had it find things that MB missed.

Also, MSE is very weak against zero day or recent threats. I wouldn't rely on that to do a whole lot for you.
 
Emsisoft Emergency Kit, in combination with Super and Malwarebytes, seems to get rid of all the hostage viruses I have run into.
 
I've had the same issue with ransomware and the PC rebooting while trying to get into safe mode (all safe modes do this).
The way I fixed it was to boot from the Windows CD, choose repair and do a system restore to an earlier point. It might say that there was an error and restore didn't work but upon rebooting you will see that it did work. You can now use various scanning programs to remove stuff left behind.
 
Also, before doing a system restore, if you have another user account on the PC, try that. Every version of the FBI ransomware I have fixed, I was able to log in to another user account and access the PC to run scans fine. Of course I don't know if that is the one you got so...
 