Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Start-up Program List Is Not Showing All My Programs


  • Please log in to reply
4 replies to this topic

#1 Munchkin25

Munchkin25

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:42 PM

Posted 06 September 2008 - 01:57 AM

Here's what happened:

I wanted to burn a disc using Windows Media Player using my laptop computer. For some reason, the burn button was not showing up. I couldn't click on it. I checked the file properties of the music files I was burning and they were MP3s, which I have never had a problem burning before with this type of file. So I decided to restart the computer. Once the computer finished the restart process, I clicked back into my start program, only to find out all my files are gone! I went into the Control Panel to check if they were completely gone, but the program list is showing all my files. I was able to access WMP by clicking on the exe file in my program files through Computer and was able to burn the disc. After that, I shut down the computer, waited five minutes, and started the computer up again. My start program is still not listing the files.

I notice twice that when the computer loaded my desktop, I got a corrupted file notice. It was an exe file, with the letters in some form of MSCAC. It comes and goes really quick so I can barely grab it. I tried to do a search for the file, but the window keeps crashing.

I also notice that I do not have certain Administrative properties anymore, like checking my Performance Logs. I had to click edit on the dialog pop-up boxes so I could gain access, but I am the sole Administrator on my laptop.

Could someone figured out what the heck happened? :thumbsup:
John Munch: You still think Big Brother isn't watching us?

Munch: What if I fail and all our dreams crash and burn?
Bayliss: It's very simple then. Meldrich and I will harm you.

The heart has reasons which reason knows nothing of.

I just saved a bunch of money on my car insurance by switching to no car insurance. -Stephen Colbert

BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:42 PM

Posted 06 September 2008 - 05:40 AM

Try a couple of these free, online scanners to see if anything has slipped by your protection:
(Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully)

http://housecall.trendmicro.com
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.kaspersky.com/virusscanner Scan Only - no removal
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/

<links compiled on 02/14/2008>
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 Munchkin25

Munchkin25
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:42 PM

Posted 06 September 2008 - 01:53 PM

I used Malwarebytes' Anti-Malware (since the online scanners wouldn't work because it's not reading my Java application) and this is what they found:

------------------------------

Malwarebytes' Anti-Malware 1.23
Database version: 1004
Windows 6.0.6001 Service Pack 1

2:51:20 PM 9/6/2008
mbam-log-9-6-2008 (14-51-01).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 188562
Time elapsed: 1 hour(s), 32 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 57

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\gbplugin.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Brendom.htm (Malware.Trace) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SYSINFO.OCX (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\mstcpmvd.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win32.dll (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windowsupdat.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\msdoc.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows32.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\userinit.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\dllhost.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\smss.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\KB4182843.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cmzo.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\czlq.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bsyys.scr (Spyware.Banker) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\csrss.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\bzts.exe (Adware.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fqrl.exe (Adware.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lwbk.exe (Adware.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\msnmsgr.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ltul.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\toaw.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\mccv.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ncyc.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\dniw.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ifmq.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\ANJWSOINHJ.EXE (Trojan.Downloader) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\anjwsoinhj.exe (Trojan.Downloader) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YacsMon.exe (Trojan.Lop) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DW_Start.lnk (Malware.Links) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Deewoo.lnk (Malware.Links) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lans.exe (Trojan.Agent) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\gabr.exe (Trojan.FakeAlert) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\findfast.exe (Trojan.FakeAlert) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\carlton (Dialer) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\autos.exe (Trojan.FakeAlert) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\infos.exe (Trojan.FakeAlert) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\system.exe (Rogue.WinAntivirus) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Instant access (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Join The Orgy (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\GoRecord 2 (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\GoAstro (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\InternetGameBox (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\SudoPlanet (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\WebMediaPlayer (Adware.EGDAccess) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\autorun.exe (Trojan.FakeAlert) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\lsass.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\services.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\smss.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\svchost*.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\explorer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.


-----------------------

Note: I finally got all the information the dialog box set-up. My arrow happen to be on the box before it could disappear:

Windows Defender:

MSASCui.exe - corrupt file

The file or directory C:\ProgramData\Microsoft\Windows\Start Menu is corrupt and unreadable. Please run Chkdsk utility.


I'm gonna run a HiJackThis log and see what I find.

EDIT:

It seems I do not have permission to run HijackThis. Here's what the dialog box says...

For some reason your system denied to write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

If that happens, you need to edit the file yourself. To do this, click Start, Run and typ

notepad C:\Windows\System32\drivers\etc\hosts

and hit enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts' (with quotes) and reboot.

For Vista: simply, exit HijackThis, right-click on the HijackThis icon, choose 'Run as administrator'.


The scan finished before I could exit out and now I have this box:

C:\Program Files\Trend Micro\HiJackThis\hijackthis.log file.

Do you want to create a new file?


I hit cancel and exited out of the program. I did what I was told in the previous dialog box and now I have no problems. Can I post the text file here?

Edited by Munchkin25, 06 September 2008 - 03:56 PM.

John Munch: You still think Big Brother isn't watching us?

Munch: What if I fail and all our dreams crash and burn?
Bayliss: It's very simple then. Meldrich and I will harm you.

The heart has reasons which reason knows nothing of.

I just saved a bunch of money on my car insurance by switching to no car insurance. -Stephen Colbert

#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:42 PM

Posted 06 September 2008 - 02:02 PM

I'll move this over to the Am I Infected forum....
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:07:42 PM

Posted 07 September 2008 - 06:31 AM

http://www.bleepingcomputer.com/forums/ind...st&p=935417

Would you see if you can get the latest version of MBAM to install and update?
Rerun a scan and post the log from after the fixes are applied as specified in the directions please.
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users