Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Removal Hangup


  • Please log in to reply
18 replies to this topic

#1 Robert Sukovich

Robert Sukovich

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 01:57 PM

Greetings. My wife's laptop has the Windows Premium Shield virus. The virus removal tool procedure seems simple enough, but there is one BIG problem. My computer is clean and preparing the disc to use in the infected computer does not present a problem. The problem is that we cannot achieve a safe mode or for that matter, we can't do anything more than just start get the sign-in screen and when we enter that we get the virus. We can get to the Task Manager, we can restart. We will try anything that is suggested. Thank You.



BC AdBot (Login to Remove)

 


#2 Roodo

Roodo

  • Members
  • 760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:40 PM

Posted 27 December 2013 - 03:02 PM

have a look here:

http://www.howtogeek.com/107511/how-to-boot-into-safe-mode-on-windows-8-the-easy-way/



#3 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 03:19 PM

That didn't work.



#4 Roodo

Roodo

  • Members
  • 760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:40 PM

Posted 27 December 2013 - 03:28 PM

Can you get into bios?



#5 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 03:56 PM

i'LL TRY



#6 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 03:59 PM

Negative. F2 or F12



#7 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,068 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:12:40 AM

Posted 27 December 2013 - 04:05 PM

Hi,

 

If you can get task manager up then can you look for these files. Look under applications first and see if you can find anything which refers to the Premium Shield, guard e.c.t. If not then look under processes and see if you can find one with these patterns:

 

guard-<random>.exe
result1.db
 
If you are not sure about a process then post here.
 
If you can do that then post back here. I'll report this topic so it can be moved to the correct section.
 
xXToffeeXx~

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#8 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 04:05 PM

What would happen if I let the virus run and get the scan done. Is there anything that can be done afterward?



#9 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,068 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:12:40 AM

Posted 27 December 2013 - 04:07 PM

What would happen if I let the virus run and get the scan done. Is there anything that can be done afterward?

See my post above, you can try running the scan, but I worry the program may interfere. It may not, and it's worth a try if you do not want to try and kill the process.

 

xXToffeeXx~

 

Mod Edit: Moved from Windows 8 forum to a more appropriate forum

Roger


Edited by rotor123, 27 December 2013 - 04:11 PM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#10 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 04:30 PM

What forum did this go to



#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,068 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:12:40 AM

Posted 27 December 2013 - 04:34 PM

AII (Am I Infected?), since we do not deal with malware in the Windows forums.

 

Thanks Roger :)

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#12 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 04:41 PM

Ok, I'm here now. xXToffeeXx We did go to Task Manager prior to my post and did remove one item that was obvious. The only way to get to Task Manager then was to let the virus appear on the screen and then we hit the Ctrl,Alt,Delete which enabled us to see the list of choices which included; Lock, Switch User, Sign Out, and Task Manager. When we did put the cursor on Task Manager, it appeared as a blip over the virus page. It didn't stay there so we could access it's contents. In fact, it may be hiding behind the virus.

#13 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 04:45 PM

I did a lot of surfing looking for solutions and I did run across one item which, I recall, mentioned something about letting the thing run and then going to the settings or properties, of the virus page and doing something. I regret not writing it down completely.

#14 Robert Sukovich

Robert Sukovich
  • Topic Starter

  • Members
  • 357 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Van Buren, Arkansas
  • Local time:06:40 PM

Posted 27 December 2013 - 05:25 PM

I let the scan run and as expected, nothing new except it looks like they want me to ay for something. I'm done with it and will reinstall.

#15 Roodo

Roodo

  • Members
  • 760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:40 PM

Posted 27 December 2013 - 05:36 PM

What OS is on the wifes and on yours?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users