Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

User Tag List

Empty desktop, blocked Task manager

This is a discussion on Empty desktop, blocked Task manager within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. Hi all, My pc was running fine until a couple of days ago when my AVG apepars to have been


 
 
Thread Tools Search this Thread
Old 10-23-2009, 04:35 AM   #1
 
Join Date: Oct 2009
Posts: 1
OS:



Hi all,

My pc was running fine until a couple of days ago when my AVG apepars to have been corrupted. I got a lot of virus warning messages for Trojan Horse Generic 14 and then started seeing fake anti-virus messages etc.

I tried to remove these through avg but that failed and so I ran Malwarebytes which asked me to restart to remove some issues.

On restart I now have a blank desktop weith just my wallpaper and Ctrl-Alt-Del to bring up task manager only shows the message "Disabled by administrator".

I have no idea what to do as nothing will run. Tried Safe mode and restoring to last known good configuration but neither work.

Any ideas? I'm really at a loss and need my PC back :(

Thanks

Ok. I eventually got it to boot from my Windows CD and did a repair install.

I've then set up a second/new username and have managed to get on to a working desktop. I've still got a lot of errors and a large black box in the centre of my wallpaper saying along the lines of "Warning, this system has been infected with spyware....blah blah blah".

What programs should I be running now to try and clean the system again so it doesn't happen all over again the next time I restart?

Thanks

:( Well the PC is obviously riddled with infections/keyloggers and Virut so I have some pretty serious problems.

No ideas where it came from but I went from having clean scans with avg/S&D etc to every scan finding multiple infections, many of which they can't seem to remove.

The PC is off the net for now and am currently running AVG which has come up with multiple (50 and counting) Virus infections.

Spybot S&D found a number of things including (but not limited to):
DNSFlush.cws
Fraud.AdvancedVirusRemover
Fraud.AVCare
Fraud.VirusResponseLab2009
SCKeylogger
Microsoft.WindowsSecurityCenter.FirewallBypass
SmitFraud-C.
Win32.Agent.atta
Win32.Agent.ieu
Win32.Agent.pz

And a few more.

I would like to run scans and post logs but am a) nervous about restarting the pc and it not working again and b) very nervous about connecting it to the net to upload logs etc.

Any thoughts?
SirClarke is offline  
Sponsored Links
Advertisement
 
Old 11-08-2009, 11:28 AM   #2
Security Team
Analyst
 
Join Date: Jan 2009
Posts: 553
OS: Win98SE, XP Home SP3, Windows 7 64-bit



Hello and welcome to Tech Support Forum.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:

If you have access to a clean computer and a flash/USB drive you can use those to transfer tools/programs and their logs back and forth from the infected computer to the clean one. And you can use the clean one to post the logs back to this thread.


Step # 1 Download and run DDS

Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop. Post them back to your topic.




Step # 2: Download and Run Gmer

Please download gmer.zip from Gmer and save it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst


If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click No.
  • Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.
If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked.
  • Click the Scan button and let the program do its work. GMER will produce a log.
  • Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.

DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

Please post the results from the GMER scan in your reply.


In your next post/reply, I need to see the following:

1. The two DDS Logs (DDS and Attach.txt)
2. The GMER Log

Use multiple posts if you can't fit everything into one post.
__________________

Member of ASAP
km2357 is offline  
Old 11-11-2009, 12:59 PM   #3
Security Team
Analyst
 
Join Date: Jan 2009
Posts: 553
OS: Win98SE, XP Home SP3, Windows 7 64-bit



SirClarke? Do you still need help?
__________________

Member of ASAP
km2357 is offline  
Sponsored Links
Advertisement
 
Old 11-15-2009, 12:00 AM   #4
Security Team
Analyst
 
Join Date: Jan 2009
Posts: 553
OS: Win98SE, XP Home SP3, Windows 7 64-bit



Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

https://www.techsupportforum.com/secu...oval-help.html
__________________

Member of ASAP
km2357 is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 03:03 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts