Help with Windows Virus

By Tech Star
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

Tech Star

Posted
Posted

Hey guys, usually I am able to get rid of Windows virus's really easy and swiftly, but this one is giving me a lot of problems. I am trying to help give a person support remotely and anything I do just gives me this blue screen. I can get the start menu to show up (windows 10), but if I click on any program or any option it just takes me back to this blue screen. 

I had gotten malwarebytes installed and running before this happened, but now it won't let me do much. Any suggestions on how to deal with this?

Thanks guys. 

Screen Shot 2015-08-23 at 1.58.44 PM.png

Link to comment
https://www.neowin.net/forum/topic/1270104-help-with-windows-virus/
Share on other sites
Proficient

nyolc8

Posted
Posted

Dat BSOD.... try safe mode maybe? Did you tried to access command prompt? (right click on start button and command prompt - select the elevated/admin one) If that starts then you can set your system to boot into safe mode.

Grand Master

Tech Star

Posted
  • Author
Posted

 It's not a real bsod. It's a fake one that has a phone number at the bottom to call for fake support. I can still hit the start button on the keyboard and the start menu will pop up. Apps just will open in the background of the fake blue screen. I can also hit ctrl-alt-dlt and the option screen will pop up, but can't access task manager. I can log out however. 

Mentor

Dadwen

Posted
Posted (edited) 
https://blog.malwarebytes.org/fraud-scam/2015/07/techsupportscams-and-the-blue-screen-of-death/
found this on malwarebytes site, might look for this folder or one like it and it prob won't let you deleted it but I have 
had luck with renaming it and then rebooting and deleted it, might also see if you can run eset's online web scanner and it if will run ok.

the one they mention was in the following path below, guessing it loading from somewhere under their profile if not that that folder something similar.
C:\Users\%userprofile%\AppData\Roaming\SenseIUpdater\

 

**since you have malwarebytes install have you tried it/s  Chameleon mode (under it's menu options in start)

Edited by Dadwen
Grand Master

Anibal P

Posted
Posted
  On 23/08/2015 at 21:21, Tech Star said:

How is that the best option? It's a dumb virus/malware. As you can see with the phone number at the bottom of the blue screen. 

I can still boot into windows. Just after a period of time, this shows up. 

I prefer the nuke and start over, only way to be 100% sure 

PLUS if you end up formatting the same person's compute a few times, they may finally realize it's them and stop being dumb 

  • A Real American!
  • Like 1
Veteran

philcruicks

Posted
Posted (edited)

F8 while booting to get into safe mode (with networking if you wanna download definition updates), run malware-bytes and whatever AV you use from there, also try downloading and running Hitman Pro, TDSS Killer and running those.

Grand Master

goretsky Supervisor

Posted
  • Supervisor
Posted

Hello,

Many anti-malware companies offer Live images you can burn to a CD or USB flash drive and boot an infected PC from in order to clean it.  Have you tried using one of those?

Regards,

Aryeh Goretsky

  • Tech Star, helpifIcan and Ian W
  • Like 3
This topic is now closed to further replies.
 Share
Go to topic listing