Thread ID: 134970 2013-09-09 23:52:00 Virus problem Cicero (40) Press F1
Post ID Timestamp Content User
1353121 2013-09-10 03:08:00 Your comp is obviously not booting from the DVD drive, you need to change the boot order in the BIOS, most are F8 on startup but depends on make of comp

Just to confirm that the ISO was burned to disk and not just the file was put on to DVD?

speedy may be able to help with the advanced instructions for your setup
Lawrence (2987)
1353122 2013-09-10 03:09:00 This new one is tricky, it actually disables all bootable devices, both CD and USB. :devil


But a simple fix for one I had a few weeks ago was almost too easy (after spending most of the day trying to get rid of it).

Try this --- (assuming it's W7) start up, tapping F8 - select safe mode with command prompt - it should boot, log in if required, then you get the command box. It should be at C:\windows\System32>

Type in rstrui.exe, press enter, after a few moments system restore will open, select a restore point prior to the infection (yesterday or whatever is available), run system restore, once done it will need to be rebooted, should start normally.

The one I had, I even took the drive out and scanned it with just about every scanner I had which worked in the past, NOTHING detected it.
wainuitech (129)
1353123 2013-09-10 03:49:00 Blimey Wai, that was a near run thing.

Your instructions saved the day.
If there were better words than thank you, I would use them, totally brilliant.
I take it there is no point in running the likes of Spy Bot after the event?
Cicero (40)
1353124 2013-09-10 04:22:00 Blimey Wai, that was a near run thing.

Your instructions saved the day.
If there were better words than thank you, I would use them, totally brilliant.
I take it there is no point in running the likes of Spy Bot after the event?

Sweet it worked for you too -- one good reason not to disable system restore as so many suggest :)

You can run Spybot if you like, not going to hurt, but this is what happened to me.

Found out the hard way (taking most of the day) damn bootable CDs or USB drives that booted with the previous versions didn't work. I actually thought it was a BIOS setting, but when I put on a clean HDD/OS the bootable CDs worked, infected drive didn't. :confused:

Removed the drive, slaved it, ran Nod32, Norton tool that's designed for this infection, AVG removal tool, Trend Micro (I was trying all), Hitman Pro, Spybot, Super antispyware, Kaspersky's Disk, everything I had, nothing would detect it.

I was right on the verge of reinstalling the drive when I thought -- what the hell, try system restore, can't hurt -- and that worked. When running again, did a scan with various software, didn't come up with anything.

Only thing I did do was disable system restore once running to clear any previous points, then enabled it again, created a fresh/new restore point.
wainuitech (129)
1353125 2013-09-10 04:55:00 Thanks and I hope all have taken note, nasty piece of work that.
Cicero (40)
1353126 2013-09-10 05:02:00 Good you have it sorted, the family member's one I sorted did not even allow you to get into safe mode but booted from the DVD drive

Did you try the Rescue disk just to see what it looked like? as you may be able to help someone else and will be able to go straight to it
Lawrence (2987)
1353127 2013-09-10 05:19:00 What a b****td that one is now. Sister got it the other day and we couldn't get into safe mode. She lives away from me so she got it fixed by a local tech. Don't know what he did but he seemed to have fixed it promptly.

Good tip re restore. Would never turn this off.
linw (53)
1353128 2013-09-10 06:20:00 Good you have it sorted, the family member's one I sorted did not even allow you to get into safe mode but booted from the DVD drive

Did you try the Rescue disk just to see what it looked like? as you may be able to help someone else and will be able to go straight to it
I suspect that the rescue disc is not working at mo, they seem to be covering all avenues.
Cicero (40)
1353129 2013-09-10 06:46:00 What is the infection vector? Email, file download, accessing infected website? It would be helpful to get some idea, but I guess that it is probably impossible to say.

What OS's are affected?

Cheers

Billy 8-{) :waughh:
Billy T (70)
1353130 2013-09-10 07:00:00 From what I've seen it's in the temp files, hits XP, Vista and W7.

Usually they disable safe mode, but safe mode with command prompt often works to allow command prompts. Eg: running system restore like I mentioned.

It seems to get in via infected sites, or a random drive by download.
wainuitech (129)