
what is YsToFludkafaY.exe?


3 replies to this topic

#1 JoeCewl

Posted 14 November 2011 - 12:47 PM

I apparently have a new virus, as I can not find any info on this command. I believe that this is part of what is plaguing my system.

YsToFludkafaY.exe

The other foreign object that I was able to find in my startup log is

QY8Tlfphu5MxGY.exe

I could use some help on these if anyone has seen them. The problem has taken over several areas of my comp, including the true System Restore, hiding many of the MyDocuments files, Microsoft Updater, and some aspects of the desktop/personalization features.

There is an option to do a system restore in the safe mode/F8 DOS menu, but again I'm not sure if this will direct me to the true Restore or if it's part of the virus.

After running Malwarebytes, which found 4 bugs (2 in the start menu and 2 in the task manager), I am still unable to do a proper System Restore.

Edited by hamluis, 14 November 2011 - 02:25 PM.
Moved from Vista to Am I Infected.




#2 cryptodan


Posted 14 November 2011 - 02:17 PM

Can you post the logs from your scans with Malwarebytes?

#3 JoeCewl


Posted 21 November 2011 - 11:24 AM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6178

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19154

11/14/2011 10:23:30 AM
mbam-log-2011-11-14 (10-23-30).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 304446
Time elapsed: 39 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 cryptodan


Posted 21 November 2011 - 12:15 PM

Please run the scans in Normal Mode.



