Windows Freezes After Loading Desktop - Trojan +Rootkit Infection?


  • This topic is locked
2 replies to this topic

#1 Asswhoopermcdaddy


Posted 03 November 2010 - 02:32 PM

HELP!!!!!! My computer got hit with a Trojan yesterday slowing down the entire machine in normal mode and taking out my Norton.

In normal mode, I load Windows, sign in w/ my password, and the Windows desktop fully loads except for the tray icons to the lower right where Symantec is supposed to be. My cursor is able to move across the screen, but the moment I click on ANYTHING, it freezes completely.

In safe mode, I still have most of my access. I've run all the following scans as well as the guide provided but no luck. Here's where I currently stand:

1.) Norton Symantec - no viruses detected, but unable to perform live update. Downloaded the new signature definition file....still no new virus detected.

2.) Eset Online Scanner - initially removed Win 32/PrcView and Win32/Agent.HZBURL Trojan......subsequent scans are clean.

3.) Spybot Search and Destroy - removed some registry keys (though they looked normal to me).

4.) TrendMicro Online Scanner - clean. No virus detections. Unable to install rootkitbuster and run.

5.) SuperAntivirus Scan - log attached. Mostly clean. 1 infection is from a disabled windows popup that I have....

6.) MBAM - clean. Unable to detect anything wrong (log attached).

7.) Combofix - log attached.....I don't know. I see a bunch of locked registry keys that do not look familiar to me.

8.) RootRepeal - it ran and crashed. Completely froze and did not respond at all.

9.) MGTools - it ran and crashed. "application generated an exception that could not be handled process id =0x418(1048) thread id = 0x40c(1036) Terminate" AGHHH

10.) Attached are the logs for DDS and GMER.


Can any techie please help??!! I really need access back to a normal computer. None of the cleaners seem to be effective.


 


#2 teacup61


Posted 11 November 2010 - 11:28 AM

Hello Asswhoopermcdaddy , <---LOVE the name :thumbup2:


Sorry for the delay. :( If you still need help, please post a new DDS/HijackThis log and I'll be happy to look at it. :)

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 17 November 2010 - 10:24 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic