Malware/Virus Problems (with logs)

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Mike_, Aug 17, 2009.

  1. Mike_

    Mike_ Private E-2

    Hello, I've been having several problems with my computer:

    1.) Upon loading Windows, I get the message "Error loading tapi.nfo. The specified module could not be found."
    2.) My google search result links are redirected (google hijack?).
    3.) Several anti-virus and spyware programs will not run/function properly.
    4.) Of no real concern to me, but several desktop icons and my desktop picture aren't working at all. This is just fyi.

    A point of possible importance before posting my logs:
    I am able to run antivir (my antivirus program). It produces several warnings and around 129 detections (!). These all seem to center around a "delphi.gen" name. When I click "repair-all" after the scan is finished, the scan closes and nothing happens. It then continues to show my most recent scan as several weeks ago (as though I hadn't just performed a scan).

    ---After following your directions on "Read and Run Me First":
    -I have run SUPERantispyware, but upon reboot I cannot open the program to go get my logs. Please note: the scan found no detections (a previous scan the day before resulted in almost 75 deleted items, but I uninstalled SAS in order to try to get it working again and have lost those logs). The message when I try to open it is: "Windows cannot access the specified path, device, or file. You may not have appropriate permissions to access the item"

    -I am unable to open Malwarebytes. It downloads and updates. The first launch after installation allows me to attempt to perform a scan, but then immediately shuts down Malwarebytes. (I have tried re-naming the .exe and running in safe mode, both to no avail). The message is the same as above for SAS.

    -I am unable to run ComboFix (have tried renaming and running in safe mode). I download the .exe, then it appears to be loading (small grey box with blue loading bar), but then does nothing.

    Thanks for any attention/help. Please don't hesitate to ask for more information or correct anything I may have done improperly.
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You don't need to run SUPERAntiSpyware to attach the logs. You just need to navigate to the folder where they are located and attach them. Attach the below file:
    Code:
    C:\Documents and Settings\Michael T. Nelson\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\
    Aug 16 2009       10230  "SUPERAntiSpyware Scan Log - 08-16-2009 - 23-49-05.log"
    
    Download and save this XPsp2bu.exe to your C:\ root folder. You must do this properly. Now run the XPsp2bu.exe program by double clicking on it. You may or may not notice a quick flash of a black window. This is normal. The program runs quickly and just extracts some files we need.

    We will be using a special tool below named Avenger. We will see if we can replace a bad file with a good copy. Also we will attempt to have Avenger run ComboFix automatically at reboot time. Not sure if this will actually work but be prepared to see ComboFix and allow it to run if you see it pop up.

    Now download The Avenger by Swandog46, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Do not change any check box options!!
    • Copy everything in the Quote box below, and paste it into the Input script here: part of the window:
    • Now click the Execute button.
    • Click Yes to the prompt to confirm you want to execute.
    • Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    • Your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\TEMP
    C:\Documents and Settings\Michael T. Nelson\Local Settings\Temp

    Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Then attach the below logs:
    • C:\avenger.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
