BleepingComputer.com: I Can't Get in Any of my Programs!

I don't know what's going on? I logged into the Internet today and my computer locked up completely. I did a Control-Alt-Delete and was able to log-off. I waited for a minute..then logged back into my system. Everything seemed to appear fine. However, I couldn't get into any of my programs. I.E. Control Panel/MyComputer/Internet, etc., etc. I would double click an icon and nothing would happen. I've logged off several times and back on and still no success.

Do I have a virus? How can I get rid of it? I have McAfee but I can't get into it now? Not to mention I have a free version of the malwarebytes scanner and I can't utilize that either. I'm at a complete lost. I don't know what to do.

I have moderate computer savvy skills and I would need step by step instructions from anyone who knows how to correct this matter.

Please help...

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

Can you log into Safe Mode?

RavenPhoenix, on Jul 10 2009, 01:49 PM, said:

Yes, Raven I can. Thank, God I have another PC and looked up troubleshooting info. I went into SafeMode and ran a Malware Scan. All kinds of crap came up: Trojan: Artemis, Rootkit.Boot, Backdoor.Bot, Rogue.ErrorFix, Worm.KoobFace. Have no idea...how I could have gotten these things. I was in an approved news site? Everything was deleted or so I thought. When I rebooted again. I was still experiencing the same problem. Therefore I logged back in and ran another scan.

This time it said I had only two problems. Trojans: Artemis and a FakeAlert-FF, they were quarantined. So now I'm getting ready to re-scan, then shut down, reboot and see if everything is cleared up.

Dont know if this is jumping the gun here. but would a repair installation of windows do the trick? or am i barking up the wrong tree?

I have no clue Andrew. I'm back to square one again, even after so calling deleting all of the malicious viruses/adware and such off my computer. After, I re-booted and being joyful that my problem was resolved...it went back to doing the same thing again. Whereas, I couldn't get past my desktop...and can't click onto any programs.

Hi, No a Repair install will NOT work.. A full wipe and reinstall will.

First a word about what you have already found/
One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.



if you decide to clean...
Next run MBAM (MalwareBytes):

NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

• Make sure you are connected to the Internet.
  
• Double-click on mbam-setup.exe to install the application.
  
• When the installation begins, follow the prompts and do not make any changes to default settings.
  
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
    
  • Launch Malwarebytes' Anti-Malware
  
  
• Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

• If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  
• If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

• Make sure the "Perform Quick Scan" option is selected.
  
• Then click on the Scan button.
  
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  
• Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

• Click on the Show Results button to see a list of any malware that was found.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When removal is completed, a log report will open in Notepad.
  
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  
• Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.