Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Alert Bottom Right Toolbar, My Computer/my Documents Missing


  • This topic is locked This topic is locked
14 replies to this topic

#1 reddragon6uk

reddragon6uk

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 07:50 AM

I am using Microsoft windows XP on a dell desktop computer.

Downloaded torrent on Sept 10th, think there was a virus of some sort in it.

Virus alert! appeared in bottom right of toolbar by clock (disappears if clock is hidden). Screen also went red with a skull and crossbones image I think and the message 'your privacy is in danger.' Screen then went blue, icons missing.

I restarted computer, screen now normal but my computer/my documents/control panel and all programs button missing from start menu. Tried to access them by going through connect to button in start menu, show all connections and then clicking on other places on left panel. I can access control panel and my documents from here, but my computer file only shows my documents.

A small black screen with white writing pops up for a few seconds on start up called system 32 I think.

I have installed spy bot search and destroy, ad-aware, mcafee stinger but although they deleted malware, the problem has not been fixed. The only thing that has happened is the all programs button on start menu has reappeared as normal.

Sorry if my explanation is a bit confusing, I am new to this and I just wanted to try and explain as much of the problem as possible!



I have also posted on another website but have yet to receive help from them.

Edited by reddragon6uk, 16 September 2008 - 07:53 AM.


BC AdBot (Login to Remove)

 


m

#2 reddragon6uk

reddragon6uk
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 07:52 AM

Sorry, just realised I am not supposed to post hijack this logs in forum. I will repost in appropriate forum.

#3 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:34 PM

Posted 16 September 2008 - 07:59 AM

I have also posted on another website but have yet to receive help from them.


I hope you don't have 2 HJT logs posted in 2 different security forums

There are not enough trained helpers to go around, that's why you have to wait on help

If you were to tie up 2 helpers that's means someone else is not getting the help they need
Chewy

No. Try not. Do... or do not. There is no try.

#4 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:34 PM

Posted 16 September 2008 - 08:02 AM

If you have posted a HJT Log in a forum then do not make any further changes to your computer until instructed to do so by the adviser helping you. Also if you have a HJT Log posted on another forum and then post one on BC, you will want to remove one so as two people arnt trying to help as any changes will not be picked up on and the two advisers might be using different methods to help.

Once you have clarified on this then we can start to help.

E-Mu
~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"


#5 reddragon6uk

reddragon6uk
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 08:02 AM

No, just the same message which I have now deleted so this is the only post I have. Sorry for the mistake. To clarify, I haven't got a HJT log posted anywhere else.

Edited by reddragon6uk, 16 September 2008 - 08:05 AM.


#6 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:34 PM

Posted 16 September 2008 - 08:06 AM

Posted at the same time lol.

Ok so as it stands you only have this post and no HJT.

Can you explain now as to what is missing on your computer?

Do you have any idea as to what the virus/infection is or could be?

What was the file you downloaded? (please do not post a link to this)

E-Mu
~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"


#7 reddragon6uk

reddragon6uk
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 08:16 AM

I think it must have come from a game torrent downloaded using utorrent but I'm not sure. I was also in the process of deleting an expired version of Norton when it happened, don't know if that could be cause?

In start up menu, my computer and my documents is missing and control panel. Also run and browse are missing (basically only set program access and connect to buttons are in right hand column).

I can access my documents, but my computer does not contain anything except shared documents and my documents folders. My computer has not been deleted from computer because I can access it on other accounts.

I really don't know much about viruses, Reg cure picked up various files called \YUR1.exe and similar names which it removed. Also when I have scanned computer it found Trojan fakes (I think they were called).

Thanks for your quick response

Edited by reddragon6uk, 16 September 2008 - 08:20 AM.


#8 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:34 PM

Posted 16 September 2008 - 08:30 AM

From a bit of research on \YUR1.exe, the best thing to do is have a look through this Bleeping Computer Tutorial, follow the steps that are set out.

Once you get to Step 4. Download and run HijackThis, and then post a log in this following the forum rules. One of the current HJT Team should be in contact within 5days to help you with this.

Unfortunately i am not allowed to help you with HJT Logs on this forum as i'm not a member of the HJT Team.

E-Mu
~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"


#9 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:34 PM

Posted 16 September 2008 - 08:40 AM

I would wait on a HJT solution, they are overworked already

the privacy danger and yur1 might be removed with selfhelp tools

here's one example

http://www.bleepingcomputer.com/forums/ind...amp;hl=YUR1.exe

http://www.bleepingcomputer.com/forums/ind...st&p=945735

let's start with MBAM

That's the whole purpose of this subforum

Edited by DaChew, 16 September 2008 - 08:43 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#10 E-Mu

E-Mu

    Bleepin' Psychopomp


  • Members
  • 1,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:34 PM

Posted 16 September 2008 - 08:50 AM

My apologies i didn't realise the HJT Team where back logged.

I thought due to multiple issues a HJT might be better, and i also made a newbie mistake by not checking the forums for similar cases.

And with MBAM, i didn't realise the full extent of the possibilities - hmmm i shall read into this now...


Thanks for the heads up tho and "reddragon6uk" ignore my post's here and follow DaChew.

My apologies again
Steve.
~ E-Mu ~

"Emu, You Moo, We All Moo for Emu!" <-- Thanks to Animal

"If at first you don't succeed; call it version 1.0"


#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:34 PM

Posted 16 September 2008 - 08:50 AM

http://www.bleepingcomputer.com/forums/t/169617/virus-alert-bottom-right-of-toolbar-my-computer-missing/

I see you reposted a HJT log again
Chewy

No. Try not. Do... or do not. There is no try.

#12 reddragon6uk

reddragon6uk
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 09:19 AM

Sorry, posted it before you left last message.

I am currently scanning using Malwarebytes that you recommended Steve, I'll let you know what it comes up with.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 16 September 2008 - 09:30 AM

Hello, which way do you want to proceed HJT or here as one needs to be closed?? please reply soon. As I will have to close this one if you do not reply shortly.Thank you.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 reddragon6uk

reddragon6uk
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 16 September 2008 - 09:31 AM

I'll carry on with HJT log and end this one, thanks

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:34 PM

Posted 16 September 2008 - 09:39 AM

Very well,thanks for the respose.
Your log is Properly posted here
http://www.bleepingcomputer.com/forums/ind...mp;#entry946242

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users