My Explorer bar and desktop icons are playing up - please help!!

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

• If something does not run, write down the info to explain to us later but keep on going.
• Do not assume that because one step does not work that they all will not.

READ & RUN ME FIRST. Malware Removal Guide

Notes:

1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
   
   • Starting your computer in Safe mode
2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.

 

If you were messing with the registry without a back up..then yes it could be that.

You still need to go thru all the instructions so that we can see what is going on in your computer.

 

If you have done everything, then you need to attach the resultant logs. I can not help you with out seeing them!

 

Need still the MalwareBytes log and the C:\MGLogs.zip

In the meantime:

Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now use windows explorer to find and delete:
C:\WINDOWS\System32\msvcrt2032.dll

Now continue on and get me the other logs.

 

Please re-run Malwarebytes, only this time, have it fix everything it finds!

Then, assuming you have run the MGTools as instructed, run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the new log from MWGrun the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the new log from MWB's.

 

You downloaded MGTools to your desktop and ran it from there ----> the instructions where to move it or install it on the C drive as in C:\MGTools.exe. Had you just followed all the instructions that were clearly laid out to you, we would have been done and you clean about 10 posts ago.

Now you have to uninstall/ delete all the MGTools items. Download it again and this time put it directly on the C:\ drive.

But first:

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):
Open notepad and copy and paste the following text in the quote box into the window:

Save this as fix.bat
Choose to save as all files.
Doubleclick fix.bat and let the program run.
A small black dos window will flash, this is normal.


Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

NOTE: HJT may popup an error about the AppInit_DLLs line. Ignore it and click OK to continue.

After clicking Fix, exit HJT.

Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now use windows explorer to find and delete:
C:\WINDOWS\system32\ATHAN
C:\WINDOWS\System32\msvcrt2032.dll
C:\WINDOWS\Fonts\F14DD386.EXE

Now download MGTools as instructed and run it and attach the C:\MGLogs.zip.

 

Please run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file