Virus which closes command prompt and taskmanager, and cannot run any antivirus?

Question

I have a computer which has some sort of virus where:

1. Whenever i try to run Norton, norton does not open. I tried *installing* AVG, - canot install. It was even refusing to let the file be copied to the PC

2. When i open task manager, it opens then immediately closes.

3. When i open the dos command prompt, it opens then immediately closes.

4. when i log on the the PC, several command windows with nothing in the title bar appear, then disappear.

What is this? what do i do?

Answer 1

um this would be a good point to restor you pc or reinstall windows, becaues its basily locked you computer down. ( most programs use the comand prompt to start which is what is stopping norton)

Answer 2

2

Answer 3

Boot the computer into Safe Mode (as soon as you turn it on begin to repeatedly press the F8 key until you get a screen with the Safe Mode option).

Once in, do a Start > Accessories > System Tools > System Restore. See if you have a restore point dated from before the problem started. Restore to that date.

Reboot the PC and hopefully you will be able now to run your anti-virus, etc. Doing the Restore should keep the virus from loading. But you still need to do a scan to remove all the files.

Answer 4

I think this is the brontok virus. Go here and download one or both removal tools; run them in Safe mode and see what happens:

http://www.bitdefender.com/VIRUS-157247-en--Win32.Brontok.A@mm.html
http://wirusy.antivirenkit.pl/en/szczepionki/Brontok.html

If these don't work (it may not be brontok), then do the following very carefully:

1) turn off System Restore. You do this by going to Accessories..System Tools..System Restore. Turn this off--it's most often not needed and is a place where viruses hide.

2) go to www.grisoft.com and download their AVG anti-virus package. Restart your computer in Safe mode (by tapping F5 or F8 for awhile just after you turn your computer on). You'll need to start it in Safe Mode With Network Support in order to be able to get to the Internet to update AVG with the latest definitions.

3) Now run the AVG software. This is a *very* aggressive software package and can remove just about anything.

4) Reboot your computer normally. If you're still having problems, continue with the following:
5) Go to
http://www.spywareinfo.com/~merijn/progr...
and download HiJackThis. Run the program, which will create a log file. Go to

http://forums.spywareinfo.com/

and post your HiJackThis log. You will get an extremely rapid, very precise answer as to whether or not you still have any infections and, if so, exactly what to do.

3) After everything is all cleaned up I recommend installing SpyBot (it's free; just make sure to keep it updated):
http://www.safer-networking.org/

and SpywareTerminator (also free):
http://www.spywareterminator.com/

Good luck!

Answer 5

PLEASE DO NOT PERFORM A SYSTEM RESOTRE would be my first suggestion as it seems your computer is infected with a virus/worm/trojan.

As you have mentioned that your command prompt just opens and then closes immediately my best bet is that same would happen when you try opening the Registry Editor:
1) Start > Run
2) Type "regedit" or "regedt32" (without quotes) in the Run prompt and click OK.
3) If it just opens and closes immediately then try opening System Configuration Utility by typing "msconfig" in the Run prompt.
4) If this also flashes open and goes away its assured that your computer is infected.

You have also mentioned that your Norton does not open up, it means that the virus has corrupted the registry entries of norton and hence you can not use norton.

At this stage I would suggest you restart your computer in Safe Mode with Networking, if you have a cable connection. To boot the computer in Safe Mode with Networking:
1) Start the computer and start tapping the function key F8 on the keyboard.
2) This would take you to the Windows Startup Menu. Here select the option "Safe Mode with Networking" using the up/down arrow key.
3) Hit Enter to proceed further.

If you do not have a cable connection but have DSL or Dialup then skip booting your computer into Safe Mode with Networking, as you would not be able to go online in that Mode with DSL or Dialup connection(s), and follow the following steps:
1) Open your browser and goto the following link to run an online scan to check which virus/worm/trojan has infected your computer:
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym

2) Once the scan is complete you would be provided with the list of infected files and the virus/worm/trojan that has infected these files.

3) You can take a print out of this page and then restart your computer in Safe Mode.

**NOTE**
IF you ran the test in the Safe Mode with Networking then also you will have to restart your computer in Safe Mode. These are two completely different modes.

4) Once in Safe Mode goto the locations as per the print out and delete the infected files.

**NOTE**
You may have 5 to 6 or more viruses/worms/trojans but the number of infected files would be more than the number of virus/worm/trojan. So filter the Name of Virus/worm/trojan section and check how many of them you have and what are there names. Then goto the following link and get the removal tool or removal instruction(incase tool does not exist) for the viruses and take a print out of the instructions as well.
http://www.symantec.com/home_homeoffice/security_response/threatexplorer/azlisting.jsp
Then reboot your computer in Safe Mode and do as above mentioned.

This is what I personally do to get rid of virus/worm/trojan and it works like charm.

Hope all works out well for you. Incase of any doubts we are always around.

Cheers ;-)

Answer 6

Have you tried doing it in Safe Mode? (reset and then tap F8 when booting up)