Gema victim

Discussion in 'Malware Help (A Specialist Will Reply)' started by caffre, May 16, 2012.

  1. caffre

    caffre Private E-2

    Seems I've been slammed by the/a Gema virus: can log into Windows 7 but all that comes up is a white screen with "Please wait while the connection is beeing established. Bitte warden Sie wahrend die Verbindung hergestellt wird." {sic}

    Task manager has been "disabled by the admin", and the Windows key is locked/ineffective, so I can't get to run any malware removal tools (or run anything, really). Alt-tabbing reveals that the white window is called: "GEMA -Auf Ihrem Rechner wurden..."

    I've run frst64 from system repair's command prompt, here's the log.
    Any help would be greatly appreciated! :S
     


  2. thisisu

    thisisu Malware Consultant

    Welcome to Major Geeks, caffre :)

    Have you rebooted since you scanned with FRST?

    I am not finding any malware in the log you attached. It looks like you were in the middle of a System Restore attempt.

    Reboot and see if the problem still exists.
     
  3. caffre

    caffre Private E-2

    I've restarted several times; seems the first system restore I tried never was able to complete due to the virus (?), and all other restore attempts resulted in an error.

    Ran the frst64.exe again, this time with additional items. Not sure why they weren't registering before.

    Found a process I didn't recognize: bsi.bund.exe. Dumped it into a quarantine folder and restarted, was able to get into Windows! :D

    Tried running updates on virus definitions, but it seems to stall... might be linked to the fact that Task Manager and regedit are still "locked by the administrator".

    Here's the latest log:

    Continuing to look into the problem...

    Edit: virus updates just took a while to complete. Quick scan didn't catch anything, so I'm doing a deeper one...
     


    Last edited: May 16, 2012
  4. thisisu

    thisisu Malware Consultant

    Let me know if you still need assistance.
     
  5. caffre

    caffre Private E-2

    Appreciated :)

    I had to restart in safe mode before right-clicking on the desktop (to get the icons back) would work. Still had trouble getting access to task manager & regedit.

    Took me a while, but after running Malwarebytes Anti-Malware and Combofix I FINALLY have access to everything I should. I hope.

    I'm going to call this "resolved" for now.

    Thanks for your assistance! :D

    Time to run some backups....
     
  6. thisisu

    thisisu Malware Consultant

    You're welcome. Surf safely :)
     
