Virus shuts down computer before protection software can get rid of it

[keri22421]

How do I isolate or get rid of a virus that shuts the computer down before the virus protection software can get rid of it?

 

[mouse24]

Hmmm. well I don't know how much load it puts on the pc by booting up into but it can't be very much, I would boot into the bios and watch the temp sensor to see if it keeps getting hotter and hotter. If you put on to much thermal paste it could be acting as an insulator and gradually overheating until it shuts down right when it gets into windows.

Its a longshot but weird things have happened

 

[Rockdpm]

yea. i did like the other theory someone questioned that it may or may not be a virus

 

[sammmy]

I just removed a virus like that. It was shutting down the computer suddenly, without blue screen or freezing, just sudden and complete shut down to a black screen, then the computer restarts. The shutdowns started shortly after I browsed a few torrent sites with god knows what crap on them.

I ran Malwarebytes, which in most virus infection cases has proven to find viruses faster and more reliable than Avira. It found 4 infections one minute after I started the scan. I instantly aborted the scan and told it to clean them up, since I knew I had limited time untill the next shut down. That did the trick. No more shutdowns.

This is the Malwarebytes description of the virus, it found it in the Registry keys:

Registry Keys Detected: 4
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{33119133-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{03119103-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\Interface\{23119123-0854-469D-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.

 

[HEXiT]

thats not a virus in the traditional sense mate its malware viruses dont create reg keys but malware does so it can auto start when the pc next boots...
now that you have have stopped the reg entries you will need to remove the associated software from your startup (if theres a start up entry) from your browsers helper objects (use hijack this and delete any associated BHO objects listed that match the class id) and the actual software the malware came with, which looks to be a browser bar. likely called funweb or some such... best you use ccleaner to uninstall it then search for reg entries with it. then run malwarebytes to make sure you get any leftovers.

i only recommend avira and malwarebytes because i have used them for the last few years with little sign of infection. yes i get the odd tracker or nonestandard compression warning but ive yet to get a proper hardcore infection. they seem to compliment each other very well... then again i use the payed version of malwarebytes as it has realtime scanning active. where the free version doesnt. still its usefull even in the free version.

anyways glad your finally getting to the bottom of it...

 

[SeoMaster43]

Thanks for share great information


http://ariscool.com/how_do_i_remove_a_virus_from_my_computer

 

[shanky887614]

you need an antivirus cd/dvd

bassically a cold boot antivirus

this should kill it http://www.freedrweb.com/livecd/?lng=en

download, burn to cd then boot from it (the live cd)

 

[Maverick7508]

Why are you telling him to buy something without further investigation? yes its a virus but there are also free good programs that can get rid of the problem.

Avira rescue cd, kaspersky rescue cd, malwarebytes, running antivirus with a linux cd, there are loads more.

Not trying to bash you but you seem to jump the gun on 99% of your posts.

Hi


Jumping the gun ...maybe...OR knowing PRECISELY what I am doing.....you choose....

I wont argue, I fix the damn viruses...EVERY day.... and NORTON IS THE BEST ...and YES I have tried them all....

All the best Brett

So, why exactly would you encourage a user to use norton anti-virus, which in my experience is clunky, doesn't function well with other security software, and is a pain in the backside to remove. Since it is so prolific as an anti-virus program, it has the additional issue of hackers writing virus's that are meant to end run around Norton. So why would you recommend it when there are better freeware programs and paid programs?

If it really is a virus that is causing this issue and your anti-virus software cannot remove the problem effectively, you may have a rootkit. Try malwarebytes anti-rootkit, or systernals rootkit revealer, or the kaspersky labs tdsskiller.

 

[Jojolo]

are you seeing pop ups or is your antivirus reporting a virus. let me know what the name of the prorgram that is poping up is called (ie antivirus 2012) or what name your antivirus is giving it and i will be able to give you step by step directions.

because ther are many types of virus there is no simple one tool answer.
(ie polymorphic, multipartite, phage....ect)

I have a problem too my PC says there is a virus on file saved on the PC and said it's detect it by avast ant virus and ask to accept restart to scan before being able to use the PC am I hacked or in trouble ?.,. It's called mobigene

 

[Sabaaaa]

are you seeing pop ups or is your antivirus reporting a virus. let me know what the name of the prorgram that is poping up is called (ie antivirus 2012) or what name your antivirus is giving it and i will be able to give you step by step directionbecause ther are many types of virus there is no simple one tool answer.
(ie polymorphic, multipartite, phage....ect)

Registry help pop up pops up and computer shuts down within seconds pls help

 

[HEXiT]

http://www.emsisoft.co.uk/en/software/eek/

download it onto another pc and put it on a dump stick. plug it into your infected pc and boot off the dump stick, run the tools