Jump to content

Malware that runs even in Safe Mode


Recommended Posts

I had a Malware problem on my daughter's Dell Inspiron 1525. Usual thing; LOTS of scare pop-ups with a big coloured box that looked VERY professional and official from System Protection. Computer FULL of viruses. Norton scan run remotely from the Symantec website found nothing. Lots of things on the computer would not work. Luckily I found Malwarebytes, downloaded and ran it from Safe Mode (Windows 7 Home Premium, 64-bit, McAfee anti-virus) and it found the problem and cured it.

After I restarted the laptop McAfee reported it was up-to-date and working. A FULL scan from Malwarebytes showed the machine clean. Next day a very similar attack happened. Same symptoms but different name of attacker. This time almost nothing worked from Safe Mode. Malwarebytes would not run, msconfig would not run, regedit would not run and I could not access most of the internet. When I connected to the Malwarebytes.org website I got a warning that the site could be dangerous and IE8 shut down. From within Task Manager I could see 4 files marked xbm.exe but I could not remove them. If I disabled them they restarted instantly when I tried to start Malwarebytes. Remember, this is all IN Safe Mode.

Somehow last night, between using a CMD line and Safe Mode I think I have managed to clean the infection again. A quick scan with Malwarebytes found and cleaned 2 infections and a FULL scan found 1 more and removed it.

Now I am worried, how did the second attack happen? Is McAfee broken? What should I do now? I have turned off the laptop and don't intend to use it until I learn more. Laptop connects wirelessly through my BT Hub broadband.My daughter has iTunes and connects her iPhone 4 to it. Any chance of this infection being transmitted via the iPhone?

Link to post
Share on other sites

Greetings and welcome :)

There are indeed some very nasty infections out there that do run, even in Safe Mode and also prevent conventional tools from running.

Please follow the below instructions and you will receive one on one assistance from a malware removal specialist to eliminate the infections and get the system cleaned up:

We don't work on Malware removal in the general forums.

Please read and follow the directions here, skipping any steps you are unable to complete. Then create a NEW topic here.

One of the expert helpers there will give you one on one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless its been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help.

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.

Thank you :)

Link to post
Share on other sites

Greetings and welcome :)

There are indeed some very nasty infections out there that do run, even in Safe Mode and also prevent conventional tools from running.

Please follow the below instructions and you will receive one on one assistance from a malware removal specialist to eliminate the infections and get the system cleaned up:

We don't work on Malware removal in the general forums.

Please read and follow the directions here, skipping any steps you are unable to complete. Then create a NEW topic here.

One of the expert helpers there will give you one on one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless its been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help.

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.

Thank you :)

Many thanks. I have run Malwarebytes as suggested and the laptop appears clean. I have printed off the items you sent and if I have any more problems I will post a new message in the appropriate forum.

Regards,

Adam Reith

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.