Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible infection? [d2d1debug1.dll]


  • Please log in to reply
13 replies to this topic

#1 vvmm

vvmm

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 22 September 2012 - 08:41 AM

Hi all,

From yesterday on, i have this issue: When i open Computer, the green bar at the top begins to load, there are magnifying glasses over Favorites, Libraries and Computer on the left pane, and nothing displayed in the explorer main pane. If i navigate manually to any folder by typing the address, it takes me to that folder, but there are no icons to the files or folders. Although, they open as expected, can be renamed etc., but on right click explorer hangs. The desktop icons, start menu and control panel show properly.

Before this problem occured i accessed a suspicious webpage (from an USB drive), though...

I scanned with Malwarebytes, Spybot, ESET, ran ChkDsk, sfc /scannow.

They all found nothing!
Important fact is that in Safe Mode i have the same problem!!!

So i used Combofix and gmer this time.
Here are the logs and screenshots: https://skydrive.live.com/redir?resid=68DDE8B5E2A73B7A!1908&authkey=!AF_v7TKydOGoaWM

After restart, i think that everything is ok, but can i be sure that my system is clean?

Edited by vvmm, 22 September 2012 - 08:44 AM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 22 September 2012 - 08:45 AM

Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download update and do a quick scan with malwarebytes and superantispyware


http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

REmove all that each of the programs above find and reboot.
Post the logs.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.
http://download.sysinternals.com/files/Autoruns.zip


Download

http://www.bleepingcomputer.com/download/minitoolbox/dl/65/

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Download
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Run it check all the boxes let it finish post the log here.

Edited by InadequateInfirmity, 22 September 2012 - 08:46 AM.


#3 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 22 September 2012 - 11:41 AM

Ok, so here are all the requested logs:

https://skydrive.live.com/redir?resid=68DDE8B5E2A73B7A!1908&authkey=!AF_v7TKydOGoaWM

ComboFix solved the problem, but now after running Adw Cleaner the problem appeared again!

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 22 September 2012 - 11:52 AM

uninstall
Spybot - Search & Destroy (Version: 1.6.2)

Run the program below hit the scan button let it finish then hit the delete button reboot
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

#5 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 22 September 2012 - 12:06 PM

Everything seems fine... but there is a slightly lag before icons show in computer folder
Logs: https://skydrive.live.com/redir?resid=68DDE8B5E2A73B7A!1908&authkey=!AF_v7TKydOGoaWM

Edit: No, problem back again.

Edited by vvmm, 22 September 2012 - 12:09 PM.


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 22 September 2012 - 12:09 PM

Download windows all in one repair tool and run it with all boxes checked after the tool runs reboot a couple of times and let me know how it goes.
I am looking over your autoruns log will get back to you on that.
http://www.tweaking.com/content/page/windows_repair_all_in_one.html

#7 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 22 September 2012 - 12:45 PM

The problem doesn't exist immediately after restart. But after i do a little browsing back and forth through the files and folders, open explorer, close explorer, it is back. After a little more open-close cycles, it disappears again and again comes back etc.

#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 22 September 2012 - 01:33 PM

Create a new admin profile and see if it happens there.

#9 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 22 September 2012 - 02:36 PM

I created another user and it works fine there.

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 22 September 2012 - 02:39 PM

May want to try and run sfc /scannow from the corrupted profile or start transferring your files to the new profile or perhaps another member can help you further. Good luck. :thumbup2:

#11 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 23 September 2012 - 05:28 AM

I have just reinstalled windows, hopefully, after restoring applications it will not come back again.

#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 23 September 2012 - 12:29 PM

:thumbup2: Thnanks for letting us know. :)

#13 vvmm

vvmm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:20 AM

Posted 24 September 2012 - 05:43 AM

I reinstalled all programs, one by one, and the problem was back, but now I now why! The problem occured after installing Acronis True Image 2013, because i disabled its services from running automatically. It seems that Acronis doesn't like that... and wants to force me running useless services most of the time. After activating the services, the problem is gone. :) Good to know!

#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:20 PM

Posted 24 September 2012 - 03:49 PM

Thanks for the update. :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users