Infected PC (XP) can only boot up in Safe Mode

  RubyJ 11:50 12 Nov 09
Locked

Would really appreciate any advice on what to do.....
Went to switch my PC on couple of days ago and it took me to a screen (black background) that said there had been a problem caused either by hardware or software and gave me options to select to continue - initially I selected 'Start Windows normally' but this wouldn't work & kept returning me to the same screen. There is an option 'Last known good configuration' but I haven't tried this as if I do have a virus I wasn't sure if I should. I have booted up using Safe Mode, I have also used Safe Mode with Network.
Whatever I have has disabled McAfee Anti Virus, which in Safe Mode was showing as being out of date etc. I logged onto to my acount with McAfee & tried to re install it which appeared to work but when I click on the McAfee icon it displays an error now.
I have Spybot Search & Destroy which I ran and this found the following -
Microsoft.WindowsSecurityCenter.FirewallByPass
Smitfraud.C
Spybot appeared to remove these entries OK.

I also ran SpyHunter which found different things -
Zlob Trojan
Wild Tangent
But I don't have the SpyHunter bit which actually removes these things...
Firstly why are Spybot & SpyHunter finding different things ? (apologies for my ignorance, I'm not a techie!)
Seconding.... can anyone advice what I can do next ?? I have no idea how I have got these problems, I have McAfee which runs all the time & is kept up to date, also Spybot Search & Destroy ?
Any advice would be really apreciated.

  User-1229748 12:05 12 Nov 09

have you got spyhunter in add/remove as it needs to be removed?hoping you havn't paid anything to these people?you will need to download update and run malwarebytes and superantispyware fromclick here

  provider 2 12:18 12 Nov 09

Googled a bit and found some very mixed reviews about SpyHunter, which is a bad sign in itself.

As smackheadz says, do what you can to get rid of it then see what Malwarebytes Antimalware and SUPERantispyware (both free) can find.

  RubyJ 12:35 12 Nov 09

Thanks for the responses. I will try and remove Spyhunter this evening, I downloaded it for a free scan.. obviously a bad move, I haven't paid for anything though. I'm really worried now about downloading anything and causing more damage. Will Superantispyware actually remove anything or just tell me what infection I have ?
Really appreciate your help.

  provider 2 12:43 12 Nov 09

Both the above will scan then ask what you want to do. Suggest you quarantine everything, first of all, then delete later.

Free scans, as you say, are a definite no-no in the anti-spyware, anti-virus field.

  pcbobby 13:18 12 Nov 09

Have used Superantispyware for ages. I commend it as safe and easy to use.

I have taken advice from many estabilished memembers.

The following software is free and reliable.

Comodo firewall/antivirus.(Auto updates iteself)

SpywareBlaster. The free version has to be updated manually. It protects, but does not scan.
Can use Comodo or Superantispywrae to scan.

  RubyJ 08:51 13 Nov 09

I attempted to download Superantispyware last night - booted up in Safe mode with network - only when it got to install I got a message saying Admin rights were needed to continue - which I should have, so I guess whatever has infected my PC has taken admin rights. Is there anything I can do to get this back ?
Thanks again.

  birdface 10:28 13 Nov 09

I don't suppose that you have tried a system restore to a time when you had no problems.

Maybe give this a try and see if it will run.

click here

  RubyJ 10:30 13 Nov 09

Showing how ignorant I am here...... how do I do this ? :-)

  provider 2 12:59 13 Nov 09

I think you should try "Last known good configuration" and see what that produces.

If it`s still not co-operating then "Safe mode with Networking" and leave SUPERAntispyware for the moment and try to download Malwarebytes Antimalware and see if that will run, or buteman`s Dr-Web-CureIt.

(It is Vista you`re using isn`t it? Are you familiar with UAC and how to work with it when downloading programs?)

  User-1229748 13:03 13 Nov 09

i think rubyj is using xp but last known good configuration is one of the options along with safe mode so she can try that.otherwise i think she may have to download dr web to a usb stick and run it from there.

This thread is now locked and can not be replied to.

Sniper Elite 4 review: Headshotting Nazis has never felt so good

1995-2015: How technology has changed the world in 20 years

The Best Design, Illustration, Animation and VFX Awards of 2017

WWDC 2017 dates: How to get WWDC 2017 tickets, when is WWDC 2017 and more details announced