Skip to comments.Computer Help Needed
Posted on 03/09/2010 8:25:00 AM PST by Williams
A friend has an ACER Laptop running Windows Vista. It came up with a screen saying "the computer is infected witha virus, and is sending out spam emails, if you don't want to be a spammer click here", which opens a window to register foir something.
Even in safe mode the computer opens to this screen only. There is no ability to close the window or to use ctrl alt delete.
In regular startup it didnt fill the screen, but now the computer is staying black in regular start up after it says welcome, and then eventually shuts down on its own.
I thought safe prompt mode might help but I don't know prompts.
Any ideas? Anyone have this before? It sounds worse than the usual anti virus scam.
I hope they have Carbonite.
You have a bad virus. Worst than most it sounds like. Worst case scenario u have to restore the OS.
I would recommend downloading anti-malwarebytes from
It is free and usually can clean up this type of stuff. Had this issue with a co-workers computer and this cleaned it up. Took awhile to launch it after downloading as the virus did not want to allow it, but when we launched right after startup it worked fine and cleaned out the malware
You will need to run MalwareBytes or ComboFix to get rid of it. Booting up in safe mode if possible.
If that doesn't work you will need to boot with a CD that you can go into your registry to find the offending startup item and delete it.
I run across it on an almost daily basis. Good news is, I'm not charging you for help!
I would hope that all important files have been backed up somewhere, then reformat the hard drive and reinstall the OS, (or better yet upgrade to Windows 7).
My wife had the same thing happened to her lap top. I took it in to the computer guy to fix it. I tried downloading everything to fix none will work. Cost about $110 to fix and came with virus protection.
Put the CD/DVD in that has the operating system. Go into the BIOS before the system boots and change the startup option so that it boots from the CD/DVD. That will allow you go boot in safe mode and run an anti-virus program or restore your system.
You can just tap F8 during the BIOS boot up to take you to the option to boot Windows in Safe Mode.
All I can offer is condolences.
OMFG ROTFLMFAO LOLs.
The only solution is to get a Mac. Seriesly. :)
It sounds like he may have some antivirus softwre installed that is generating the message, or it’s just a stupid trojan that wants to infect his address book and is trying to goad him into doing what it says.
Since Windows is so full of holes the best thing to do is just backup his important files and re-format and re-install the OS.
have you tried googling the exact message you are getting? chances are if it really is a virus, someone else has gotten it. Chances are also that someone has posted a fix for that virus. Follow the instructions for the fix only after you have seen that someone else has followed them with a similar set up and they have worked (for a similar setup).
Also, never wipe your drive because someone on the internet tells you to :)
If the problem is such that you cannot fix the OS (i.e. the malware is extremely “mal”), what you can do is take the hard disk out of the laptop, copy the files to a PC (you may need some kind of adaptor for this ... if it is SATA, it might be plug-and-pray with a modern PC), reinstall the hard disk, then low level format/reinstall the OS.
I might suggest, if the user is only using basic tasks/applications (browing the web, word processing, etc.) that you might want to install Ubuntu as it is simple to use, has everything one would need for “basic tasks”, and looks sharp :-) . I did this for an ex girlfriend that always managed to get viruses (not the AIDS kind, but the computer kind :-) ) and she’s been pretty happy ever since.
They are very good but they are also VERY busy.
The virus you have is a nasty one and I recommend formatting your drive and reloading if that is an option.
Yes that is a a nasty one....If you get a message like that....NEVER CLICK ON THE LINK.... go with anti-malwarebytes to try and clean but you may need to go with with an OS... it a nasty little bugger that hangs on reinstall
Ash: You still don't understand what you're dealing with, do you? Perfect organism. Its structural perfection is matched only by its hostility.
Lambert: You admire it.
Ash: I admire its purity. A survivor... unclouded by conscience, remorse, or delusions of morality.
Parker: Look, I am - I've heard enough of this, and I'm asking you to pull the plug.
Ash: Last word.
Ash: I can't lie to you about your chances, but... you have my sympathies.
Ditto on malwarebytes. Also, create a new user which is an administrater and log in under that name, then download and run malwarebytes.
Once you get the computer cleaned up, I highly recommend Avast Free Antivirus. It has, so far for me, proven to be much more effective than AVG Free Antivirus and it is much less intrusive than Norton or McAfee. It also offers the option to do a boot scan for viruses and malware and this has been vital in removing tough viruses and malware from several systems I have had to do work on.
Some of these malware and hijack programs leave things behind when they are “removed”. Nasty things, like programs that harvest accounts info and passwords for online banking. I would always reformat and reinstall.
I was going to suggest nuking the laptop from orbit (it’s the only way to be sure), but then I saw your post.
I would disable the NIC card before running any of the fixes, just for the heck of it.
"Even in safe mode the computer opens to this screen only. There is no ability to close the window or to use ctrl alt delete."
That's why I recommended using the boot disk to go to safe mode.
As stated earlier, you cannot get to windows apps so don’t bother trying. You need an emergency boot disk such as Kaspersky. I believe you can make a boot disk from the Kaspersky trial version (using a friend’s machine). Set your machine to boot off the cd and run the antivirus app.
That's why I said to put the OS Disk in the drive and have it boot off of that. It boots from a clean OS and bypasses the registry on the computer.
Throw it in the
You do indeed have a bad virus and it’s one that probably came through an email. It is almost impossible to get rid of once it is in place. Last year my office computer became infected with this pest because the tech group temporarily shut down some AV and firewall protections for testing and forgot to turn it back on. I am on the information technology faculty side of our university and our security experts and I could not come up with a fix so the machine had to be reimaged. It affected any machine, Windows, Linux or Apple that received an email during that time from whatever the source and a few became infected when an infected machine sent an email to an uninfected machine. Good luck and I hope you have a recent backup.
For less than $30, you can get a kit that allows you to connect a disk to another computer via USB (inc. SATA, 3.5” IDE, and 2.5” IDE). My advice: get a kit (readily available on ebay), remove the disk from the laptop, and plug it into another computer using the kit. Once the file system is recognized, run a full deep scan on it using a product like Avast! (free). Let us know how it works out...
My daughter got that on her laptop from Facebook. As somebody mentioned earlier, google it and there are instructions on Youtube that shows exactly what to do.
Step 1 (this freaks many people out.....) Disable System Restore. If you clean a virus without taking this step, often times it comes right back. I have yet to have to reinstall an OS due to malware, but if that were the next step, System Restore won't) do you any good anyway.
2) Disable any running antivirus program.
3) Hit Start. In the "start search" line (vista, right?) paste the following: (excluding the "'s)
This takes you directly to the combofix executable. Save it to your desktop and run it. Answer Yes to the "combofix is not affiliated...." statement, NO to the Recovery console, and let it do its thing.....should progress through over 50 stages and then produce a text file. I typically download and run Superantispyware free or malwarebytes after combofix, but combofix will at least get you functional.
If your malware infection stops the combofix download, it will need the work of a professional to remove the infection. There's more that can be done, but it's too complicated to describe here.
Use ALT + F4 to close. Not the X, not right click. Even if it closes out something you're working on, it's better to do that than to enable spyware. I have seen that move prevent the spyware from executing in some cases.
If they cannot get to the windows app in any mode, how can they run those steps?
I have had this problem before and solved it every time with the help of the people at majorgeeks.com. Just go to their forum and follow the instructions for malware removal and you will be rid of your problem. It might take all day or a couple of days but you are guaranteed success based on my experience. They are very, very knowledgeable and have all the tools you need to fix your computer.
Here is the link: MajorGeeks Forum
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.