total security trojan - can't scan or generate logs


I was recently infected with the Generic.fakealert!ink. and 13 other trojans based on a Malwarebytes scan. After running the scan 3 times the Trojan.Vundo.h and Disabled SecurityCtr still showed on the scan but the log stated they were safely removed. Prior to the scan I had lost total control of the laptop and had to run Malwarebytes from a flash drive.

I followed the "cleaning guide" I found on geekstogo as best I could. I couldn't run the system restore process; it said I needed .NET Framework. I could not run Windows updates. It was disabled and even services.msc could not enable it.

I went to the geekstogo website to read more entries and I was infected with the Total Security Trojan. I don't believe I was infected on their site. I think I was infected because my Windows updates are not current and I was connected to the Internet. Wireless connection.

Now with the Total Security Trojan:

I tried running MLWB from the flash drive. No luck... it blocks it.

I tried changing the name of the MLWB file. No luck... it blocks it.

I tried running the Process Explorer from another flash drive. No luck... it blocks it. I'm on my 4th flash drive... I'm afraid to put it into my desktop computer after it's been in the laptop. Am I paranoid or can it get infected also??? Can I put it into my desktop and scan with MLWB without infecting my desktop computer??

I tried loading the HijackThis process. No luck... it blocks it.

If I let the computer sit idle for about 10 minutes a blue screen appears that says a problem was detected and Windows has been shut down to prevent damage. A process or thread crucial to system operation has unexpectedly exited or been terminated. Blah blah remove any hardware or software, disable BIOS memory options such as caching or shadowing. Use safe mode.

Technical information ---------------stop --0x000000f4 (0x000000003, 0x851cada0, 0x851caf14, 0x805d297c)

beginning dump of physical memory, physical memory dump complete, contact administrator

(this is an abbreviated version)

When I try to start in Safe Mode, I get the black/white page with the scrolling drives etc then the Blue screen appears with detected problem windows shut down to prevent damage to your computer. check for viruses remove any newly installed hard drives. check your hard drive is properly configured and terminated. run chkdsk/f to check for hard drive corruption and then restart ----stop 0x00000007b (0xf7b7a524, 0xc00000034, 0x00000000, 0x00000000)

(F drive would be my flash drive --- I simply pulled it out of the USB port when I couldn't run MLWB. I couldn't hit eject... couldn't open the drive...)

I don't think this is a legit Windows message, I think it's the trojan.

In summary I can't start in "safe mode"

Any suggestions??? I saw a similar problem on Generalgeeks and they had a download for a CD to boot the computer and then scan. My question: will the computer know to boot from this CD or do I need to do something so it doesn't boot from Windows..?

Any help would be greatly appreciated... it's my son's laptop and college starts next week. I'm running Windows XP Home Edition with Service Pack 3. It's a Dell Inspiron 15. I have a Windows XP disc with Service Pack 2 that came with the laptop if I need to reload. When I told him this was a good possibility he looked like I just backed over his puppy with the minivan. He doesn't want to lose his 8gigs of music downloads. Oh well, can't get to the music with the current state of the laptop... so it's lost either way.

Thanks in advance for any assistance you can provide

  • Staff

Hi rodeoro and welcome to Malwarebytes.

Please run a GMER Rootkit scan:

Download GMER's application from here:

http://www.gmer.net/gmer.zip

Unzip it and start GMER.exe.

Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.

This will copy the results to your clipboard.

Paste the results in your next reply.

Warning! Please do not select the "Show all" checkbox during the scan.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post the one that is not minimized.

-screen317

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
