HELP!!! Virus completely locked me out

ih8puters · 06-17-2008, 04:53 AM

Yesterday I found out my computer was infected with spyware and a trojan virus. I use Norton 360 which did not detect anything. My cable company actually sent me a message saying my internet settings were changed by a virus and that I needed to run my antivirus/spyware protection software. I ran norton which said it removed something but my computer was still acting funny. I downloaded AVG which I've used in the past and it found other items which were removed. My computer ran progressivly slower and slower. I could not press ctrl, alt, delete as I get a message saying the administrator has it locked. I restarted my computer and now I get a login screen saying the computer has been locked by it's administrator and will not allow me to do anything. PLEASE HELP ME. I have absolutely no idea what I am doing. I am a real estate investor and desperately need the files stored on this computer.

Thank you

G25r8cer · 06-17-2008, 04:56 AM

Have you tried booting into safe mode? When the bios page (page that says your pc make) appears repeatedly hit F8 key until a black page appears. Hit the arrow down key until "safe mode (no network)" is highlighted and hit "enter".

PCC_Australia · 06-17-2008, 05:06 AM

Sounds quite odd to say the least. You are the administrator of your computer aren't you? and you can remember the password? If not try the Windows defaults:

username: administrator or admin

leave the password field blank and hit ok or enter on your keyboard.

As for the Virus. Sometimes after a scan is completed and results are returned, it is good to take a look at the paths of the infected files and manually navigate to the folder where the assumed infected file is found and manually delete that file.

Let us know how you go, as far as accessing your desktop etc.

G25r8cer · 06-17-2008, 05:11 AM

Also. If you have both AVG and Norton installed that is BAD. You need to get rid of one of them. I recommend sticking with AVG and dump norton. Un-install norton once you get into safe mode.

ih8puters · 06-17-2008, 05:21 AM

Thank you very much for the quick reply. At the log-in screen I couldn't type anything it was "grayed" out. I rebooted the computer pressing f8 as suggested by one of the previous posts. I now have AVG running another scan and it has picked up a lot of stuff. The only thing I recognize is trojan.....I see Trojan.bomka , trojan.killproc.h , trojan.goldun.u , trojan. conhook.b , trojan.Zlob.f , Trojan.PWS.cu , etc. My computer has always ran fine until this happened yesterday. AVG has identified a lot of stuff but I'm completely ignorant about this. How do I know what I'm dealing with to even begin to remove it.

PCC_Australia · 06-17-2008, 05:54 AM

You can generally look up the definitions on any known good Anti Virus manufacturers website.

Personally, i just type the name of the virus into a google search and see whether or not the virus attaches itself to a program or frequently used file within Windows itself.

If you are unsure if the file is used alot and is a core component of daily software activites, just quarantine the file to be sure.

Hope this helps

ih8puters · 06-17-2008, 05:56 AM

is it possible to get so many virus' at once? My computer was fine until yesterday. Now AVG has a HUGE list of things

**ceewi1** · 06-17-2008, 05:57 AM

Post a HijackThis log:

Please download the HijackThis installer from http://www.trendsecure.com/portal/en...HJTInstall.exe.

Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

When the Notepad window opens choose Edit -> Select All to select the entire log, and copy and paste the log into a reply post.
Most of what it lists will be harmless or even essential, don't fix anything yet.

**ceewi1** · 06-17-2008, 05:59 AM

Quote:

Originally Posted by ih8puters

is it possible to get so many virus' at once? My computer was fine until yesterday. Now AVG has a HUGE list of things

Yes, it's not unusual for an infection to download reinforcements. I suggest you spend as little time on the Internet as possible with the infected machine.

ih8puters · 06-17-2008, 06:03 AM

Working on that now. I will post results ASAP

06-17-2008, 04:53 AM	#1
ih8puters Byte Member Join Date: Jun 2008 Posts: 25	HELP!!! Virus completely locked me out Yesterday I found out my computer was infected with spyware and a trojan virus. I use Norton 360 which did not detect anything. My cable company actually sent me a message saying my internet settings were changed by a virus and that I needed to run my antivirus/spyware protection software. I ran norton which said it removed something but my computer was still acting funny. I downloaded AVG which I've used in the past and it found other items which were removed. My computer ran progressivly slower and slower. I could not press ctrl, alt, delete as I get a message saying the administrator has it locked. I restarted my computer and now I get a login screen saying the computer has been locked by it's administrator and will not allow me to do anything. PLEASE HELP ME. I have absolutely no idea what I am doing. I am a real estate investor and desperately need the files stored on this computer. Thank you

06-17-2008, 04:56 AM	#2
G25r8cer Petabyte Member Join Date: Feb 2008 Location: Zeeland, MI Age: 22 Posts: 5,891	Have you tried booting into safe mode? When the bios page (page that says your pc make) appears repeatedly hit F8 key until a black page appears. Hit the arrow down key until "safe mode (no network)" is highlighted and hit "enter". __________________ Antec 300 w/Scyth Kaze Master Asus M4A785TD-V EVO Phenom II 955BE w/ CoolerMaster V8 @ 3.8GHZ 2 x 2gb Gskill DDR3 1600mhz Ultra X-Finity 600watt psu Samsung F3 500gb and F1 750gb XFX 9600GSO Logitech Illuminated, MX Revo, and x-540 speakers Team Stats FOLDING FOR THE GOOD OF MANKIND F@H Team 44358

06-17-2008, 05:06 AM	#3
PCC_Australia Byte Member Join Date: Jun 2008 Location: Newcastle, Australia Posts: 75	Sounds quite odd to say the least. You are the administrator of your computer aren't you? and you can remember the password? If not try the Windows defaults: username: administrator or admin leave the password field blank and hit ok or enter on your keyboard. As for the Virus. Sometimes after a scan is completed and results are returned, it is good to take a look at the paths of the infected files and manually navigate to the folder where the assumed infected file is found and manually delete that file. Let us know how you go, as far as accessing your desktop etc. __________________ PC Credibility Australia \| Easy.Flexible.Robust Email: nick@pccredibility.com.au Forums: http://www.pccredibility.com.au/forums IM: nick@pccredibility.com.au

06-17-2008, 05:11 AM	#4
G25r8cer Petabyte Member Join Date: Feb 2008 Location: Zeeland, MI Age: 22 Posts: 5,891	Also. If you have both AVG and Norton installed that is BAD. You need to get rid of one of them. I recommend sticking with AVG and dump norton. Un-install norton once you get into safe mode. __________________ Antec 300 w/Scyth Kaze Master Asus M4A785TD-V EVO Phenom II 955BE w/ CoolerMaster V8 @ 3.8GHZ 2 x 2gb Gskill DDR3 1600mhz Ultra X-Finity 600watt psu Samsung F3 500gb and F1 750gb XFX 9600GSO Logitech Illuminated, MX Revo, and x-540 speakers Team Stats FOLDING FOR THE GOOD OF MANKIND F@H Team 44358

06-17-2008, 05:54 AM	#6
PCC_Australia Byte Member Join Date: Jun 2008 Location: Newcastle, Australia Posts: 75	You can generally look up the definitions on any known good Anti Virus manufacturers website. Personally, i just type the name of the virus into a google search and see whether or not the virus attaches itself to a program or frequently used file within Windows itself. If you are unsure if the file is used alot and is a core component of daily software activites, just quarantine the file to be sure. Hope this helps __________________ PC Credibility Australia \| Easy.Flexible.Robust Email: nick@pccredibility.com.au Forums: http://www.pccredibility.com.au/forums IM: nick@pccredibility.com.au

06-17-2008, 05:21 AM	#5
ih8puters Byte Member Join Date: Jun 2008 Posts: 25	Thank you very much for the quick reply. At the log-in screen I couldn't type anything it was "grayed" out. I rebooted the computer pressing f8 as suggested by one of the previous posts. I now have AVG running another scan and it has picked up a lot of stuff. The only thing I recognize is trojan.....I see Trojan.bomka , trojan.killproc.h , trojan.goldun.u , trojan. conhook.b , trojan.Zlob.f , Trojan.PWS.cu , etc. My computer has always ran fine until this happened yesterday. AVG has identified a lot of stuff but I'm completely ignorant about this. How do I know what I'm dealing with to even begin to remove it.

06-17-2008, 05:56 AM	#7
ih8puters Byte Member Join Date: Jun 2008 Posts: 25	is it possible to get so many virus' at once? My computer was fine until yesterday. Now AVG has a HUGE list of things

06-17-2008, 05:57 AM	#8
ceewi1 Petabyte Member Join Date: Dec 2005 Location: Melbourne, Australia Age: 26 Posts: 5,423	Post a HijackThis log: Please download the HijackThis installer from http://www.trendsecure.com/portal/en...HJTInstall.exe. Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis. Click Do a system scan and save a logfile When the Notepad window opens choose Edit -> Select All to select the entire log, and copy and paste the log into a reply post. Most of what it lists will be harmless or even essential, don't fix anything yet. __________________ CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870 RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W Cheap PSUs - 2% of system costs, responsible for 28% of system deaths As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity. - The "Warranty void if removed" sticker on numerous CoolerMaster PSUs. Useful PSU Guides

06-17-2008, 06:03 AM	#10
ih8puters Byte Member Join Date: Jun 2008 Posts: 25	Working on that now. I will post results ASAP

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
new notebook ...	jessiej	Computer Security	49	06-08-2008 01:40 PM
Analyse combofix log and hijack log	alyoob	Computer Security	10	02-09-2008 02:22 AM
Probs with adware despite rung several anti spyware	altvic	Computer Security	29	01-18-2008 09:50 AM
computer problem	yellow.orange	Computer Security	16	12-21-2007 09:56 AM
Friends HJTL	vroom_skies	Computer Security	11	09-12-2006 06:04 AM