[dabonenose]

1. I boot system(HP 64 bit desktop) and it's ok up until my password window appears.

2. After typing password, the system is hijacked by some security type software that appears to start
searching my system for viruses.

3. At this point I cannot stop or alter the virus checking screen that appears and have to reboot the system
using cntl/alt/del option.

4. I am using my laptop to communicate with you guys/gals.

HELP !!!!

[Advertisements]

Hello dabonenose and

My name is Machiavelli and I am going to be helping you with your malware removal. Please note that, as I am currently still in training, all of my posts have to be reviewed by my instructor prior to me posting them.

Before we continue, I would like you to read the following text:

• Some of my instructions may be carried out in safe mode, where you will not have access to GeeksToGo, I suggest you save or print my instructions for later reference
• Please do not attach your logs to your post, instead I would like you to copy and paste the contents into your post
• Please do NOT use any other tools, fixes or scripts unless instructed to do so by myself. Not only could this damage your system, but it will make it harder for me to fix your problem
• If you do not understand any of my instructions, then feel free to ask me and I will explain in further detail
• Please be patient. Malware removal is a long process and requires many steps, if you stick with me, I'll help you get through this
• Stay with me until I deem your computer clean. A lack of symptoms does not always mean that the system is clean
• Please make sure you have read and understood my instructions before continuing with them, spelling errors in the scripts etc. could cause adverse effects to your system
• If you do not hear a reply from me in 36 hours, then simply post "bump" on the thread
• Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed

 

3. At this point I cannot stop or alter the virus checking screen that appears and have to reboot the system
using cntl/alt/del option.

So you can't do anything else?

• Step 1: Boot Into Safe Mode

• Please start your infected computer and start tapping F8 repeatedly
• If this was successfull, you will see the Advanced Boot Options screen with the follwoing three options:

Safe Mode
Safe Mode with Networking
Safe Mode with Command prompt

• Please try to start in Safe Mode with Networking (1.), if this doesn't work please try to start in Safe Mode (2.)

• Tell me which option worked! (if no option worked please also let me know)

[Machiavelli]

Hello dabonenose and

My name is Machiavelli and I am going to be helping you with your malware removal. Please note that, as I am currently still in training, all of my posts have to be reviewed by my instructor prior to me posting them.

Before we continue, I would like you to read the following text:

• Some of my instructions may be carried out in safe mode, where you will not have access to GeeksToGo, I suggest you save or print my instructions for later reference
• Please do not attach your logs to your post, instead I would like you to copy and paste the contents into your post
• Please do NOT use any other tools, fixes or scripts unless instructed to do so by myself. Not only could this damage your system, but it will make it harder for me to fix your problem
• If you do not understand any of my instructions, then feel free to ask me and I will explain in further detail
• Please be patient. Malware removal is a long process and requires many steps, if you stick with me, I'll help you get through this
• Stay with me until I deem your computer clean. A lack of symptoms does not always mean that the system is clean
• Please make sure you have read and understood my instructions before continuing with them, spelling errors in the scripts etc. could cause adverse effects to your system
• If you do not hear a reply from me in 36 hours, then simply post "bump" on the thread
• Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed

 

3. At this point I cannot stop or alter the virus checking screen that appears and have to reboot the system
using cntl/alt/del option.

So you can't do anything else?

• Step 1: Boot Into Safe Mode

• Please start your infected computer and start tapping F8 repeatedly
• If this was successfull, you will see the Advanced Boot Options screen with the follwoing three options:

Safe Mode
Safe Mode with Networking
Safe Mode with Command prompt

• Please try to start in Safe Mode with Networking (1.), if this doesn't work please try to start in Safe Mode (2.)

• Tell me which option worked! (if no option worked please also let me know)

[Machiavelli]

Any problems with the instructions above?

[dabonenose]

Machiavelli, Currently I switched over to my laptop, however, I will be revisiting this problem in the near future since the problem computer is my main, desktop computer.

Just wanted to add, I did try rebooting in safe mode prior to opening a ticket ,but after the boot, and I was prompted for my password...as soon as I responded the computer went right into the virus routine.

I'm just soo busy currently with yearend stuff that I have to put it off.

When I do revisit, do you want me to open a new ticket or the current one?

tkx for your help and sorry I didn't get back to you sooner,
Dab

[Machiavelli]

You can always reply here. If I understand correctly you get also hijacked in SafeMode?

[dabonenose]

Yes, once I boot in safe mode, it takes me to my logon password screen. After I type my password, it normally goes to windows screen, however at that point the virus loads a screen with a MS Security Essentials looking screen called "premium security" and appears to be virus scanning and finding viruses. I cannot communicate with this program and have to reboot to get out of it.

[Machiavelli]

Which operating system do you have? ( Windows XP, Windows Vista, Windows 7 or Windows 8)?

[dabonenose]

Windows Vista 64 bit HP processor

[Machiavelli]

• Step 1: FRST

• On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.
  
  Plug the flash drive into the infected PC.
  
  If you are using Vista or Windows 7 enter System Recovery Options.
  
  To enter System Recovery Options from the Advanced Boot Options:
  
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
• On the System Recovery Options menu you will get the following options:
  
  Startup Repair
  System Restore
  Windows Complete PC Restore
  Windows Memory Diagnostic Tool
  Command Prompt
  
  Select Command Prompt
  
• Once in the Command Prompt:
  
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

[dabonenose]

Machiavelli,

Thank you and the staff at geeks to go, however my son-in-law resolved my problem.
He booted in safe mode with prompt and used a cd created on his computer with a fix which was called in on my cd drive and applied.

You guys have a very good service here and I thank you very much.

I'm sure I'll be in touch in the future with other issues.

[Machiavelli]

You are sure that you don't want any further support?

[dabonenose]

No thank you, my son-in-law(software developer) resolved the problem and I'm picking up my pc this afternoon.

He followed a similar resolution that you were suggesting and fixed it.

I will contact you in the future if I need to reopen, etc. or new problems arise.

Do you need me to post a customer review or anything? If you do, let me know.

[Machiavelli]

I don't need anything from you. OK, we will close that as solved (my teacher will do that).

Afterwards, Happy new Year!

~Machiavelli

[dabonenose]

Same to you my friend ! Happy New Year

[CompCav]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.