I have a trojan deskbloking worm
Closed
barkingbudgie
-
Mar 31, 2010 at 02:26 PM
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 - Apr 12, 2010 at 03:10 PM
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 - Apr 12, 2010 at 03:10 PM
Related:
- I have a trojan deskbloking worm
- Trojan remover - Download - Antivirus
- Kido worm ✓ - Viruses & Security Forum
- How to unhide files hidden by trojan - Viruses & Security Forum
- Files hidden by trojan - Viruses & Security Forum
- Trojan help - Viruses & Security Forum
3 responses
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,172
Mar 31, 2010 at 05:31 PM
Mar 31, 2010 at 05:31 PM
Hello Barkingbudgie.
Your nick sounds ferocious, almost as a goose guard.
If you tell me what was the suggested antivirus, I help you, like you can tell me and I will keep it a secret.
Oh, what the hell...
First, lets see if we can get your desktop icons back and we will take care.
Please follow these steps:
reboot your computer in the Safe mode with command prompt.
Once Windows loaded, command prompt (black window) opens. Type notepad and press Enter.
A notepad window opens. Type the following text into notepad:
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
AddReg=regsec
[regsec]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
HKLM, Software\Microsoft\Windows NT\CurrentVersion\Winlogon,Shell,0x00000020,"Explorer.exe"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad). Close Notepad.
In the command prompt type Explorer.exe and Press Enter. Windows Explorer opens. Locate the fix.inf, click right button and select Install. Close Windows Explorer.
In the command prompt type shutdown -r and press Enter. Your computer will be rebooted.
Next please download Malwarebyte to your desktop:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
To fool the Trojan Horse, please rename it: kioskea.exe
Install Kioskea.exe and update it.
Disconnect your modem and close all other applications including this one.
Please run a FULL system scan.
A log will be saved, paste it here.
This took a lot of typing so I hope to get some feedback.
Regards
P.S. I hope that you did not loose to many feathers!
Your nick sounds ferocious, almost as a goose guard.
If you tell me what was the suggested antivirus, I help you, like you can tell me and I will keep it a secret.
Oh, what the hell...
First, lets see if we can get your desktop icons back and we will take care.
Please follow these steps:
reboot your computer in the Safe mode with command prompt.
Once Windows loaded, command prompt (black window) opens. Type notepad and press Enter.
A notepad window opens. Type the following text into notepad:
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
AddReg=regsec
[regsec]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
HKLM, Software\Microsoft\Windows NT\CurrentVersion\Winlogon,Shell,0x00000020,"Explorer.exe"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad). Close Notepad.
In the command prompt type Explorer.exe and Press Enter. Windows Explorer opens. Locate the fix.inf, click right button and select Install. Close Windows Explorer.
In the command prompt type shutdown -r and press Enter. Your computer will be rebooted.
Next please download Malwarebyte to your desktop:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
To fool the Trojan Horse, please rename it: kioskea.exe
Install Kioskea.exe and update it.
Disconnect your modem and close all other applications including this one.
Please run a FULL system scan.
A log will be saved, paste it here.
This took a lot of typing so I hope to get some feedback.
Regards
P.S. I hope that you did not loose to many feathers!
I have a similar problem on an XP machine. McAfee ran its normal scan and identified two trojan horses. It removed one and required a reboot. I rebooted the machine. It started up normally until it got to the user logon screen. I could select a user and it would appear to be loading preferences. However, it opened onto the deskotop with only the wallpaper showing. No apps, no toolbars, no nothing. I can get the Task Manager window. It shows no applications running and the System Idle Process is running at 99%.
I can also restart in Safe Mode. It goes through the start up until I get to the user logon screen. After selecting a user, all I get is a black screen with "safe mode" logos in each of the four corners. Again, the Task Manager shows that no applications are running and the System Idle Processes is running at 99%.
Anyone have any idea about how to resolve this?
Thanks.
I can also restart in Safe Mode. It goes through the start up until I get to the user logon screen. After selecting a user, all I get is a black screen with "safe mode" logos in each of the four corners. Again, the Task Manager shows that no applications are running and the System Idle Processes is running at 99%.
Anyone have any idea about how to resolve this?
Thanks.
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,172
Apr 12, 2010 at 03:10 PM
Apr 12, 2010 at 03:10 PM
Hello Geoker,
What were the Trojans?
Even if recommended in safe mode, please try this in normal mode to regain your desktop.
Once Windows loaded, command prompt (black window) opens. Type notepad and press Enter.
A notepad window opens. Type the following text into notepad:
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
AddReg=regsec
[regsec]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
HKLM, Software\Microsoft\Windows NT\CurrentVersion\Winlogon,Shell,0x00000020,"Explorer.exe"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad). Close Notepad.
In the command prompt type Explorer.exe and Press Enter. Windows Explorer opens. Locate the fix.inf, click right button and select Install. Close Windows Explorer.
In the command prompt type shutdown -r and press Enter. Your computer will be rebooted.
If it works, it does not mean that your system is clean!
Let me know as there are many ways to skin a cat, I mean trojan horse.
What were the Trojans?
Even if recommended in safe mode, please try this in normal mode to regain your desktop.
Once Windows loaded, command prompt (black window) opens. Type notepad and press Enter.
A notepad window opens. Type the following text into notepad:
[Version]
Signature="$Chicago$"
Provider=Myantispyware.com
[DefaultInstall]
AddReg=regsec
[regsec]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
HKLM, Software\Microsoft\Windows NT\CurrentVersion\Winlogon,Shell,0x00000020,"Explorer.exe"
Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad). Close Notepad.
In the command prompt type Explorer.exe and Press Enter. Windows Explorer opens. Locate the fix.inf, click right button and select Install. Close Windows Explorer.
In the command prompt type shutdown -r and press Enter. Your computer will be rebooted.
If it works, it does not mean that your system is clean!
Let me know as there are many ways to skin a cat, I mean trojan horse.
