Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Missing desktop, start task bar and other isues


  • Please log in to reply
8 replies to this topic

#1 g1956j

g1956j

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:12 PM

Posted 06 July 2010 - 07:50 PM

I was having problems with browser redriecting but I thought I solved it, then I had a few blue screens of death, but now I have a missing desktop, start task bar, and I can't find Explorer.exe.

I tried to do a system restore to a day earlier, no luck - I tried to do a Windows XP Pro SP3 repair by running my windows disk, still no luck.

I was getting a pop-up when opening browser windows which said something about CTFMON~1.exe and something about a virtual device driver. I went to locate that file but only saw the CTFMON.exe, just to see what I could see I right clicked on that file and tried to go to properties, but it wouldn't open, but I think the next time I re-booted or it was just my virus program, (System Suite 10), was doing something, I seen where it was deleating, what I thought I saw ,Explorer.exe, twice but I could'nt stop it, and after that no icons or task bar.

I hope that helps.

My next try is I got a copy of Explorer.exe from a computer at work and I am going to try and put into my windows folder and try and get it to reboot that way, (later after work).

So far the only thing I can do is a ctrl>alt>del and get into task manager and some of the run commands I know I can get to work, like I can get firefox - IE to connect to the internet, I can get disk manager to give me a look at my drives and some others that didn't help me out so far.

I have a few things that I dont want to lose if I can help it thats why I am going through all of this.

I still think I have some kind of a virus or something and would like to see what you all can do for me if its ok.

Thanks in advance, GJ

Edited by g1956j, 06 July 2010 - 07:59 PM.


BC AdBot (Login to Remove)

 


#2 g1956j

g1956j
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:12 PM

Posted 06 July 2010 - 10:59 PM

I'm not sure what did it but I got things back even that nag I thought I got rid of - and the redirecting of browser pages, so I think it was the reg restore i did with the clean my pc program I have.

All my problems are back so I really need help fast - (not to be a pest) - but I need help!!!

But I would still like for one of the gurus here to do the combofix and or HijackThis to see what all is messing with me, if you would be so kind.

Again! Thanks in advance, GJ

Edited by g1956j, 06 July 2010 - 11:10 PM.


#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 06 July 2010 - 11:08 PM

What happens if you go ctrl+alt+del and get into task manager and then go File > New Task and type "explorer".
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#4 g1956j

g1956j
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:12 PM

Posted 07 July 2010 - 07:01 AM

What happens if you go ctrl+alt+del and get into task manager and then go File > New Task and type "explorer".


I got my desktop and task bar back working, but All my problems are back and am looking to clean the out if I can.

Looking to run HijackTish or Combofix and Have someone tell me what the problems are, I'm just looking for the help.

Thanks GJ

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 07 July 2010 - 04:28 PM

Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#6 g1956j

g1956j
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:12 PM

Posted 08 July 2010 - 11:00 AM

This is what I got but I couldn't send it to you because everything was freezing up. I ran it again in safe mode (it found nothing with a full scan). I also ran A-squared, not in safe mode, (called Emsisoft now), got rid of 60 something more problems - no freezing yet - but there was still two it couldn't get rid of [e:\Documents and Settings\Application Data\Passware and e:\Documents and Settings\Application Data\Passware Kit], I will give the report for that at the bottom of this post as well.

IE just flashes It doesn't run!!


I Just did an update for A-squared and it had a lot of new definitions so I will run it while I am at work and see if maybe it will take care of the one that got away - wish me luck.



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/7/2010 11:43:52 PM
mbam-log-2010-07-07 (23-43-52).txt

Scan type: Quick scan
Objects scanned: 136306
Time elapsed: 8 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 26

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
E:\WINDOWS\linkinfo.dll (Trojan.Agent) -> Delete on reboot.
E:\WINDOWS\msacm32.drv (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.163.216,93.188.161.53 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{64b92193-b4c9-4afc-b45c-609126e7c696}\NameServer (Trojan.DNSChanger) -> Data: 93.188.163.216,93.188.161.53 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
E:\WINDOWS\linkinfo.dll (Trojan.Agent) -> Delete on reboot.
E:\WINDOWS\smlogsvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\mstinit.exe (Trojan.Zaplo) -> Quarantined and deleted successfully.
E:\WINDOWS\corpol.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
E:\WINDOWS\csrss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
E:\WINDOWS\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\iexpress.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\msacm32.drv (Trojan.Agent) -> Delete on reboot.
E:\WINDOWS\msvidc32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
E:\WINDOWS\npptools.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
E:\WINDOWS\ntvdm.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
E:\WINDOWS\Packet.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
E:\WINDOWS\pmspl.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
E:\WINDOWS\rundll32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
E:\WINDOWS\smss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\sysocmgr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
E:\WINDOWS\ups.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\wmpdxm.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
E:\WINDOWS\wpcap.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
E:\WINDOWS\dllhost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
E:\WINDOWS\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
E:\WINDOWS\msiexec.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
E:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
E:\WINDOWS\userinit.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
E:\WINDOWS\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.




AND NOW THIS



Emsisoft Anti-Malware - Version 5.0
quarantine log

Date Source Event Behavior/Infection
7/8/2010 11:20:56 AM Key: HKEY_LOCAL_MACHINE\software\RegCure Moved To Quarantine Trace.Registry.RegCure!A2
7/8/2010 11:20:56 AM e:\documents and settings\gary\application data\Passware Moved To Quarantine Trace.Directory.Passware Kit 9.0!A2
7/8/2010 11:20:56 AM e:\windows\dhcp Moved To Quarantine Trace.Directory.files732435.net!A2
7/8/2010 11:20:56 AM Key: HKEY_LOCAL_MACHINE\software\RegCure Moved To Quarantine Trace.Registry.RegCure!A2
7/8/2010 11:20:55 AM e:\windows\oleacc.dll Moved To Quarantine Trace.File.EzulaTopText!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Cookies\gary@bs.serving-sys[1].txt Moved To Quarantine Trace.TrackingCookie.bs.serving-sys!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Cookies\gary@serving-sys[1].txt Moved To Quarantine Trace.TrackingCookie.serving-sys!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Cookies\gary@smartadserver[1].txt Moved To Quarantine Trace.TrackingCookie.smartadserver!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Cookies\gary@specificclick[1].txt Moved To Quarantine Trace.TrackingCookie.specificclick!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276185656593000 Moved To Quarantine Trace.TrackingCookie.statse.webtrendslive!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276185657625000 Moved To Quarantine Trace.TrackingCookie.doubleclick.net!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276835485546000 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276831147299002 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313396187000 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313371656000 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313342125001 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313342125000 Moved To Quarantine Trace.TrackingCookie.ad.yieldmanager.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277171503343002 Moved To Quarantine Trace.TrackingCookie.adbrite.com!A2
7/8/2010 11:20:55 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276789547783002 Moved To Quarantine Trace.TrackingCookie.adbrite.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313389375001 Moved To Quarantine Trace.TrackingCookie.adbrite.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276313389375000 Moved To Quarantine Trace.TrackingCookie.adbrite.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276399705578000 Moved To Quarantine Trace.TrackingCookie.count!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276399844328001 Moved To Quarantine Trace.TrackingCookie.www.buy!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474598937000 Moved To Quarantine Trace.TrackingCookie.lycos.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277569965765004 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277219626357006 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474601640007 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474601640003 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474601375002 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474601375001 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276474601375000 Moved To Quarantine Trace.TrackingCookie.casalemedia.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276831843892000 Moved To Quarantine Trace.TrackingCookie.tribalfusion.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1276831915064000 Moved To Quarantine Trace.TrackingCookie.adz.afterdawn.net!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277045148531001 Moved To Quarantine Trace.TrackingCookie.zedo.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277045146671000 Moved To Quarantine Trace.TrackingCookie.zedo.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277045146453000 Moved To Quarantine Trace.TrackingCookie.zedo.com!A2
7/8/2010 11:20:54 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277220593794000 Moved To Quarantine Trace.TrackingCookie.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277167696171000 Moved To Quarantine Trace.TrackingCookie.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277219626232002 Moved To Quarantine Trace.TrackingCookie.www.adfusion.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323245953003 Moved To Quarantine Trace.TrackingCookie.myspace.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323245953000 Moved To Quarantine Trace.TrackingCookie.myspace.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323218781000 Moved To Quarantine Trace.TrackingCookie.myspace.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323218218014 Moved To Quarantine Trace.TrackingCookie.myspace.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323203890001 Moved To Quarantine Trace.TrackingCookie.myspace.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277323894062000 Moved To Quarantine Trace.TrackingCookie.www.burstbeacon.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277440041784001 Moved To Quarantine Trace.TrackingCookie.trafficmp.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277328355640002 Moved To Quarantine Trace.TrackingCookie.trafficmp.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277328355640001 Moved To Quarantine Trace.TrackingCookie.trafficmp.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1277438492534000 Moved To Quarantine Trace.TrackingCookie.data.coremetrics!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1278393310984000 Moved To Quarantine Trace.TrackingCookie.m.webtrends.com!A2
7/8/2010 11:20:53 AM E:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\ulby7j7m.default\cookies.sqlite:1278504401719001 Moved To Quarantine Trace.TrackingCookie.server.iad.livepers!A2
7/8/2010 11:20:51 AM D:\Program Files\Video Joiner\BoilsoftVideoJoiner5.32\avi_mpg_rm_joiner.exe Moved To Quarantine Virus.Win32.Trojan!IK
7/8/2010 11:20:51 AM E:\Documents and Settings\Gary\Desktop\FTA Stuff\Flash Wizard\Flashwizard Pro-6.4b3v-500s_Plus.600pvr.800s-HD.7000s.7020s.7025s\FW-6.4b3v By Atko-Ohrid\DreamUp Beta\DreamUpLAN.exe Moved To Quarantine Trojan-Dropper.Delf!IK
7/8/2010 11:20:51 AM E:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0007340.exe Moved To Quarantine Trojan.Trash!IK
7/8/2010 11:20:51 AM E:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0007338.exe Moved To Quarantine Trojan.Trash!IK
7/8/2010 11:20:51 AM E:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0007336.exe Moved To Quarantine Trojan.Trash!IK
7/8/2010 11:20:51 AM E:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0007331.exe Moved To Quarantine Trojan.Trash!IK
7/8/2010 11:20:51 AM E:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0007321.exe Moved To Quarantine Trojan.Trash!IK
7/8/2010 11:20:50 AM F:\downloaded stuff\setup(2).exe Moved To Quarantine Trojan-Downloader.Win32.FraudLoad.gqa!A2
7/8/2010 11:20:50 AM F:\System Volume Information\_restore{3CC6FBB9-0CF9-4C64-AF51-105B1A992081}\RP1\A0005267.exe Moved To Quarantine HackTool.Win32.Patch.A!IK
7/8/2010 11:20:50 AM G:\My Music\FretboardWarrior.exe Moved To Quarantine Virus.Trojan.Win32.Obfuscated.aao!IK
7/8/2010 11:20:49 AM H:\Nero Stuff\KeyGen.exe Moved To Quarantine Riskware.Keygen.Nero!IK




Thanks GJ

Edited by g1956j, 08 July 2010 - 11:36 AM.


#7 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 08 July 2010 - 05:34 PM

Run another Malwarebytes scan (in Normal Mode) and post the log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#8 g1956j

g1956j
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:12 PM

Posted 08 July 2010 - 11:22 PM

It say I'm clean but Internet Explorer still doesn't run.

Haven't tried anything else yet I will wait for your reply before doing anything else.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4294

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/8/2010 11:39:43 PM
mbam-log-2010-07-08 (23-39-43).txt

Scan type: Quick scan
Objects scanned: 147367
Time elapsed: 15 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Let me know why you think IE no longer works for a start.

Thanks GJ

#9 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 AM

Posted 09 July 2010 - 12:34 AM

Try this:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

Do you get any error messages when you try to run IE?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users