GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Administrator has disabled Task manager, Can't open regedit. Horrible virus

View previous topic View next topic Go down

Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Kell_bellz on Thu Nov 19, 2009 11:10 pm

I don't know how much you can help,
(but I'm hoping a ton.)
I have a Dell from 2004. Running XP.
Here's my problem, I seem to have a ton of peoples Viruses combined.
I cannot in any way shape or form open Task Manager. the closest thing to it is the window showing the CPU usage graph. No tabs, nothing.
I cannot open anything else either. At first, I might be able to open a new program, but then it is closed and if I attempt to open it again, it either says its infected or that it has been disabled by my administrator.
Everything I click on is disabled or "infected".
I searched for the System Security 4.52 virus and didn't find that. I don't even get the popup for the fake antivirus program after a couple of days. I've had the virus for a couple weeks, spending a couple hours trying to fix it and failing.
I can't do start - help and support - system restore either, because that has been disabled.
Umm. I can't get onto the internet also so I'm on another computer posting this. Which is going to make it hard for me to do a "Hijack This" Log. I tried to download the program and transfer it to the other one but I couldn't open it. I don't know if I did that wrong, or if the virus already found it too.


Please help me. I have to do online training for my job, andthis computer I'm on has a shotty spacebar and no memory. Took thispage a couple of minutes to load. I don't know how long I'll keep my sanity.

TO you Mister Virus of Doom maker, " Hah! Really funny, Great job, you've made my life horrible for 2 weeks. You don't win anything though do you? Exactly, FAILURE."

Thank you for your time in advance,
Sincerely <3
Desperate CVS Pharm-trainee & College Student.

Kell_bellz
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-11-19
OS : xp
Points : 25733
# Likes : 0

View user profile

Back to top Go down

Re: Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Dr Jay on Sat Nov 21, 2009 9:16 pm

Your computer is infected with a dangerous infection:
[You must be registered and logged in to see this link.]

We have hit a dead end. Please tell me when you have completed a reformat and reinstall.

I am sorry for the bad news. I do not understand why these mean people make such harsh viruses, and I wish there was a way to clean your system without everything being damaged. But, the problem is, cleaning the system, most files will be damaged. It is like trying to clean up a city that just had a tornado or hurricane run through it. Takes rebuilding, and time to set back up.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Kell_bellz on Sun Nov 22, 2009 12:07 pm

Sad tearing Man, thanks.. I'll see what I can do..
Is there any way to save ANY files without risking bringing anything over?
This computer has been my life, and has pictures galore Id like to salvage.

Kell_bellz
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-11-19
OS : xp
Points : 25733
# Likes : 0

View user profile

Back to top Go down

Re: Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Dr Jay on Sun Nov 22, 2009 2:41 pm

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

==

Right-click on any certain picture, and choose "Scan with Malwarebytes' Anti-Malware." If the result comes back infected, then you cannot save the pictures. However, if the result comes back clean, then they can be safely saved, but only them.

Optionally, if you have a good color printer, you my be able to print all of the pictures.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Kell_bellz on Sat Nov 28, 2009 12:37 pm

So after a month of dealing with the virus of Doom I think I have "Finished him" off! (Think Mortal Combat style, uppercuts and all) lol. I was successful to save my music and 5 years of pictures onto my external and scan them for 0 threats. Said a last goodbye to my laptop just incase all hell broke loose, and then reformatted, installed Vista, cause thats the only cd I had, and crossed my fingers. Everything has seemed fine, of course the first thing I do is try to Ctrl - Alt - Del and it there was my task manager! Just to make sure everything was good, I went to your Malware site, downloaded and successful ran the program, after an hour it found 37 infections and hopefully deleted them forever. Yes, after my reformat there was 37 infections.. makes you think, don't it? lol.

I figured i'd post my log on here, since it could maybe help others in the same boat finding the infections?

THANK YOU VERY MUCH, for your time and help.
- Kelly





Malwarebytes' Anti-Malware 1.41
Database version: 3250
Windows 6.0.6000

11/28/2009 12:14:33 PM
mbam-log-2009-11-28 (12-14-33).txt

Scan type: Full Scan (C:\|)
Objects scanned: 225525
Time elapsed: 51 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\dtacmawh.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\ldvx.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\qsdhs.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\Kelly Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8IS0645\anti-malware-application[1].exe (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
C:\Users\Kelly Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\LFBCOITO\anti-malware-application[1].exe (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
C:\Users\Kelly Anne\Downloads\anti-malware-application.exe (Rogue.AntiMalwarePro) -> Quarantined and deleted successfully.
C:\Windows.old\Documents and Settings\Kelly\ntuser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows.old\Documents and Settings\Kelly\Local Settings\Temp\cpybc5kw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows.old\Documents and Settings\Kelly\Start Menu\Programs\Startup\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\dsibaks.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\syssvc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\calc.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\dehajije.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\eventlog.dll (Trojan.Sirefef) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\FastNetSrv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\iehelper.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\isapeep.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\wmdtc.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\CONFIG\systemprofile\ntuser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\CONFIG\systemprofile\Start Menu\Programs\Startup\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows.old\Windows\SYSTEM32\DRIVERS\mwsykuoc.sys (Rootkit.Agent.BO) -> Quarantined and deleted successfully.





Kelly 1: Evil Virus Maker: 0

BOOOM

Kell_bellz
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2009-11-19
OS : xp
Points : 25733
# Likes : 0

View user profile

Back to top Go down

Re: Administrator has disabled Task manager, Can't open regedit. Horrible virus

Post by Dr Jay on Sat Nov 28, 2009 12:57 pm

Make sure the folder C:\Windows - exists

Please delete the folder: C:\Windows.old

It will take a long time to delete.

Do not delete C:\WINDOWS

Just the "old" one.

==

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum