Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Advanced Security Center Virus?


  • Please log in to reply
16 replies to this topic

#1 ckayw9387

ckayw9387

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 04 April 2014 - 09:56 PM

Can someone help me get this virus off my windows 8 laptop please? I can not access the internet or any of my files. It always has a pop up say "firewall has blocked a program from accessing the internet" someone please help me!

BC AdBot (Login to Remove)

 


#2 Plumber

Plumber

  • Members
  • 409 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastford,CT. United States
  • Local time:08:11 AM

Posted 05 April 2014 - 08:11 AM

Don't know if this will help much but it's worth a try.Try to get into the Task Manager and go in to start up programs.See if there is anything that catches your eye and disable it and restart and see if that helps.Won't get rid of the virus but you might be able to work from there.

#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 11:49 AM

If you can access the Control Panel open Programs and Features to see if you have Windows Safety Master installed.

 

Are you being asked to run scans?

 

Have you seen either of the images below on your computer?

 

amoral1_zps6ce9d08c.png

 

amorl2_zps8170991e.png


Edited by dc3, 05 April 2014 - 11:55 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 12:12 PM

Yes I'm getting both of those anytime I try to access anything on my laptop.

#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 12:46 PM

 
***  If you can't download and run these let me know.  There is another way that this can be treated.
 
Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 
 
There are two other ways to retieve the log.
 
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
 
*Open Malwarebytes Anti-Malware.
*Click the History Tab at the top and select Application Logs.
*Select (check) the box next to Scan Log. Choose the most current scan.
*Click the View button.
*Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
*Alternatively, you can click Export and save the log as a .txt file on yout Desktop or another location.
*Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
 
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
 
*Open Malwarebytes Anti-Malware.
*Click the Scan Tab at the top.
*Click the View detailed log link on the right.
*Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
*Alternatively, you can click Export and save the log as a .txt file on yout Desktop or another location.
*Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
 
 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 

Edited by dc3, 05 April 2014 - 12:50 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 01:36 PM

Yeah it won't let me even open my Internet browser.

#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 01:38 PM

Ok, we will do it the manual way.

 

Credit for this portion of the tutorial goes to Grinler.
 
Automated Removal Instructions for Windows Safety Master using Malwarebytes Anti-Malware:
 
 
1.  For the first part of this removal guide you will need to use a different computer than the infected one in order to download and save some files that we need for the fix.
 
2.  On a clean computer, start a web browser and download and save the following Windows Registry file to your desktop from the link below:
 
 
3.  When the file has finished downloading, please burn it on to a CD or save it to a USB drive so that we can transfer the file to the infected computer.
 
4.  When you have finished saving the RemVimes.reg registry file to a removable media, please reboot the infected computer. While the computer is starting please being to repeatedly tap the F8 key on your keyboard. This will open up the Advanced Boot Options screen, in Windows 7 or Vista, or the Windows Advanced Options Menu in Windows XP. The screen that you need to get to will look similar to the one below.
 
abow7_zpsc072f26e.png 
 
At the above screen you will see a variety of options that can be used to boot Windows. Using the arrow keys on your keyboard, highlight the option labeled Safe Mode with Command Prompt. Once it is highlighted, click on the Enter key on your keyboard.
 
5.  Windows will now start and if you have multiple accounts or a password on your single account, you will be presented with a screen asking you to login to Windows. Please select your account and enter any password that you may have. When done, the Windows Command Prompt will open and you will see a screen similar to the one below. 
 
elevatedcommandpromptw7_zpseba8c499.png
 
The Command Prompt allows you to type commands and then press Enter on your keyboard to execute them. In this Command Prompt window, please type explorer.exe and then press Enter on your keyboard.
 
6.  The Windows desktop will now appear. When the desktop appears you can then close the Command Prompt window by clicking on the X. 
 
7.  Now insert your CD or USB drive and open up the drive letter associated with your inserted media. You can access this drive letter by opening the Computer icon on your desktop or from the Start Menu. Once the drive letter is open, double-click on the RemVimes.reg and allow the data to be merged when you are prompted. Once the data has been merged, you can press the OK button and remove the removable media from your computer.
 
8.  Please reboot your computer into the normal Windows mode and login as the infected user. When you are back at your normal Windows desktop please continue with the next step.
 
Now that you can boot to your normal Windows desktop please follow the instruction posted previously to download and run Malwarebytes.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 02:06 PM

It isn't pulling up the advanced boot options screen.

#9 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 02:21 PM

One of the disadvantages of Windows 8 is that you cannot boot into Safe Mode as you can with XP, Vista, and Windows 7.  I forgot that this is Windows 8 we are dealing with.  Let me get back to you on this, I need to find some way to access the elevated command prompt in Windows 8, then we can proceed.

 

My apologies for any confusion.


Edited by dc3, 05 April 2014 - 02:25 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 02:27 PM

Do you have the installation disc for Windows 8?

 

If you do, use the tutorial at Windows Eight Fourms to access the elevated command prompt and continue with the instructions I provided.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 02:28 PM

Okayy thank you.

#12 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 02:30 PM

Actually I don't. The only thing I got with the laptop itself was the instructions.

#13 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 02:40 PM

I pressed the windows button & X at the same time & it has an option for command prompt & command prompt administration but it isn't letting me open either. The virus keeps popping up.

#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,601 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:11 AM

Posted 05 April 2014 - 02:46 PM

You can download a ISO image of Windows 8 at Windows Eight Forums.

 

How to burn ISO image using Windows Burn Disk Image.
 
Notice:  This applies only to Windows 7 and Windows 8, earlier versions do not have this.
 
1.  Place a blank CD or DVD in the tray of your optical drive and close the tray.
 
2.  After you have downloaded the ISO image you want to burn right click on the Start orb, then choose Windows Explorer.
 
3.  When Explorer opens click on Downloads in the left pane.  Scroll down till you find the ISO file you want and double click on it.  Click on Burn Disk Image.
 
4.  In the image below you will see Dick burner:, this should be set to the optical drive you want to use.  Click on Verify disc after burning if you want to Windows to verity the disc image after burn.  Click on burn.
 
burndiskimage1_zpsb502b181.png
 
5.  In the image below you can see that the green progress bar, when the image is finished burning the bar will be filled.
 
burndiskimage2_zps17a9d6ff.png
 
6.  After the image has completed being burned click on Close

Edited by dc3, 05 April 2014 - 02:48 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#15 ckayw9387

ckayw9387
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  

Posted 05 April 2014 - 02:59 PM

Okayy so I do all of this on the non infected laptop?

Edited by ckayw9387, 05 April 2014 - 03:03 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users