Jump to content

Recommended Posts

I am encountering severe no response problems with my computer, and I think I am infected by the Magnipic virus. But let's take things from the beginning.

A month ago, I accidentally installed Privitize VPN... When I realised it was a virus I downloaded Malwarebytes to get rid of it. Fast forward a week ago. Malwarebytes started repeatedly showing a virus called Magnipic.exe in the Quarantine section. I if course removed them, but they kept popping up. Fast forward two days ago. I can't go online whatever I do. Fast forward a few hours ago. I fix the problem by switching my adapter off and on through the computer (hardware switch didn't work). Therefore I try opening chrome. It doesn't respond. I press it quite a few tines and wait, but nothing. No program or command, or shortcut responds. I force shutdown. I do this one or two times, until I stop and shutdown properly before I enter the interface (I run on Windows 8 btw). I manage to restore my computer to a previous point, but I see no results. I manage to get into safe mode and run Malwarebytes, where I encounter Magnipic once again. It says it needs me to restart, so I do. But the situation gets even worse,since now not even the advances startup options work, thus I can't refresh or reset or enter safe mode. What do I do now? Please help me!!! Its urgent! If you can't tell me thus, then at least tell me how to boot into safe mode again ( Shift +F8 doesn't work )....

Oh, and the desktop icons do not show. Everytime I try to view the desktop, it can't show the icons and it crashes.

Link to post
Share on other sites

Hello RavenA,

How new/old is this Windows 8 system? Did WIN8 come with the system, or, was this an upgrade from Windows 7 or Vista ??

Did you make a WIN8 rescue disc when you first got the system?

Does this system have a keyboard? Tell me if this is a Surface tablet. What brand / model of pc is this ?

Windows8 is devilishly quick at startup and you likely will have a hard time getting to Command prompt or to Safe mode with Networking.

See this article How to start Windows in Safe Mode

If you have another computer to do downloads, great....download the tools and put on USB-flash-thumb drive and transport & put on Desktop of problem system.

BTW, you could try getting to Task Manager {CTRL+ALT+DEL} and in Task Manager, slect New Task

and then guide the command line with the drive-path & name of the utility to be run.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Link to post
Share on other sites

OK. First of all thanks for your prompt reply. Sorry not to have mentioned my specs. I upgraded from Windows 7 to Release Preview, and from Release Preview to the actual version about 3 months ago, and no, I didn't make a rescue disk. My laptop is a VGN-NS11M, which I bought 6 years ago. It obviously does have a keyboard. Now, I can't get to the desktop anymore, since whenever I try to, it freezes, since it can't load the icons, so so much for the Task Manager and the Command Prompt. I can make downloads from the netbook I'm on, but it's still a netbook, and thus I cannot burn a boot CD. Furthermore, it runs on Ubuntu, and we have forgotten the password, so we can't install any programs (we is me and the rest of my family). But, if it's truly necessary, then I can boot to Windows XP(we have dual boot, but prefer to use Ubuntu). As a matter of fact, I didn' t really get the part with the USB, would you mind explaining it further to me? Now, as for the RKill thing, I obviously can't use it since my desktop is frozen. And,generally, most commands don't work. For instance, I can search for the Advanced Startup Options, but I strangely can't open them, as many times as I press it... What do I do?

Link to post
Share on other sites

Maybe {with high qualification} can you boot into XP and IF you can see "magnipic.exe" .... maybe you can delete it.

But I suspect it would be an auto-start item within WIN8 and Windows 8 likely would fail to fully load anyhow.

Your system likely has a USB port and thus a USB-thumb-flash drive could be the transfer/transport media for tools.

But putting that aside, the bottom line is that you need to be able to get to a Command prompt in Windows 8.

Power OFF the computer. Make sure to power off any printer, scanner, copier, or external drive.

Wait for a minute.

Then looking at where the F8 function key is on the Keyboard, get mentally prepared to Tap & repeat tap, repeat tap the F8 Function Key

Power up the system and immediately tap away with the F8

Then look at the Recovery Environment / Advanced Boot options.

You need to get to a Command prompt.

Link to post
Share on other sites

I have already tried to use the F8 button, and I never could boot. I'll see what I can do though, nothing to lose. Regarding Windows XP, I meant we have dual boot on the netbook, not on the laptop. As for the USB, I asked what exactly I could be able to do with it... Meanwhile, I'll see what I can do to boot into safe mode...

Link to post
Share on other sites

Rkill log:

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2013 07:51:38 PM in x86 mode.

Windows Version: Windows 8 Pro

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.

Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.

Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 03/03/2013 07:51:53 PM

Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

Now, I didn't know how to disable Malwarebytes, so I didn't... I hope it didn't disrupt its function... I am waiting for instructions...

Link to post
Share on other sites

If the system is in Safe mode, and you have MalwareBytes MBAM installed .... then

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

When done, click the Scanner tab.

Do a Full Scan. i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.

Link to post
Share on other sites

As a matter of fact I did, and, wuite surprisingly, it said that no malicious items where detected! I also scanned with avira and avast, but none of them found anything! Now, I can't find the logs for the MBAM log...since I guess there aren't any!

Of course, the threat can't have been eliminated, since when I search for Magnipic, it does find it, as an app... What am I supposed to do now?

Link to post
Share on other sites

Please help!!!!!! I booted on normal mode accidentally, and there was just a black screen. Now, I forced shutdown, and when I tried to boot to safe mode from the logon screen, my lock screen wasn't there any more, just a plain blue. I got onto the logon screen, but no responses, so I can't boot into safe mode, and im still waiting for the password to load. what do I do??????? HELP PLEASE, I am terrified and paniced!

Link to post
Share on other sites

Stay in Safe mode. Don't panic so quickly.

And please understand I am not online 24 x 7 and not even all-day.

You have a decision to make, and it is likely a very good point for you to delete/wipe the Windows and rebuild the system of Windows from scratch. That will mean the loss of all your data personal files and documents.

So if you have any of these, Copy them to offline media like CD/DVD or to a USB flash.

Now, then, you can take the computer to a small local repair shop {not Big-box-are-Us} to restore the system back to Factory state { Day 1 as it came out of factory}. That's if you feel uncomfortable to do it yourself.

IF you have the Windows CD/DVD with the operating system, that can be used to begin that process.

Or if you do not have the DVD, there is usually a manufacturer's hidden partition used in that process.

If the last is the case, there is a special keyboard key used when the pc is 1st powered ON to begin the job.

For that, you will have to check with your pc maker's customer support website.

Link to post
Share on other sites

Not ... unless you can manage to restart the system and get into a Command prompt.

Or perhaps, you know Linux and could on your own, use a Live CD to find and delete malware off your system.

For that, I cannot help you.

IF you have a clean/new USB flash-thumb drive and you can restart into a Command prompt, then, try

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt i_arrow-l.gif

[*]Select Command Prompt

[*]In the command window type in notepad and press Enter.

[*]The notepad opens. Under File menu select Open.

[*]Select "Computer" and find your flash drive letter and close the notepad.

[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

[*]The tool will start to run.

[*]When the tool opens click Yes to disclaimer.

[*]Press Scan button.

[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Link to post
Share on other sites

Thank you very much for your help. Since it's late at night where I live, I will have to call it a night, and leave to safe mode for now. Tomorrow, we'll see what we can see. since I have quite a few questions:

  1. What should the size of the USB be?
  2. So, I guess Refresh won't work, will it?
  3. After I finish the Scan, and the log is saved, how do I get out of the command prompt and back into safe mode?
  4. I guess it can't be done using "Safe Mode with Command Prompt" ?

Thanks again!

Link to post
Share on other sites

Thank you very much for your help. Since it's late at night where I live, I will have to call it a night, and leave to safe mode for now. Tomorrow, we'll see what we can see. since I have quite a few questions:

  1. What should the size of the USB be?
  2. So, I guess Refresh won't work, will it?
  3. After I finish the Scan, and the log is saved, how do I get out of the command prompt and back into safe mode?
  4. I guess it can't be done using "Safe Mode with Command Prompt" ?

Thanks again!

The USB can be as small as a 1GB capacity.

Refresh I believe would put back Windows 8, but you would lose your documents.

To exit out of command prompt, you would restart the pc, but stay in command prompt until I give future directions.

IF you have the Windows 8 DVD then speak up right away, and let me know. It would help if you did have it, but not necessary

Link to post
Share on other sites

The USB can be as small as a 1GB capacity.

Refresh I believe would put back Windows 8, but you would lose your documents.

To exit out of command prompt, you would restart the pc, but stay in command prompt until I give future directions.

IF you have the Windows 8 DVD then speak up right away, and let me know. It would help if you did have it, but not necessary

  1. Great. I was wondering whether we were supposed to use it as a boot USB, so it would have to be big... But, I guess not ( I asked, since I'm gonna buy a new one to do that)
  2. That's reset. Refresh deletes all program files (and lists them on the dekstop afterwards, so you can find them again). Would it work?
  3. Then it should be done while you're online...
  4. Unfortunately, I don't have one...

Link to post
Share on other sites

I had given you directions before. Just follow what I listed.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt i_arrow-l.gif

[*]Select Command Prompt

[*]In the command window type in notepad and press Enter.

[*]The notepad opens. Under File menu select Open.

[*]Select "Computer" and find your flash drive letter and close the notepad.

[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

[*]The tool will start to run.

[*]When the tool opens click Yes to disclaimer.

[*]Press Scan button.

[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.