Missing icons on start menu and desktop

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Rippin, Apr 23, 2015.

  1. Rippin

    Rippin Private E-2

    Hi just making sure I don't have anything going on with my pc. I was missing a couple icons from my start menu and from my desktop when I started my computer this morning. Also when I opened Chrome it froze the computer, which had never happened before. I tried to shut the computer down through start menu and it didn't work. I then press and held the power button and nothing happened. So as last resort I hit the power button on my power supply (probably not the best thing). I started the computer in safemode and ran a scan with malwarebytes and it found a couple None Malware items and I chose to quarantine. I ran a boot time scan with avast and it also came up with nothing. So now I went through with the steps to remove malware and I have attached 2 files. I was going to restore the computer to an earlier date so that i can get whatever is missing on my desktop back but I will wait to hear from you guys first. Thanks for your time and for any help you might provide.
     

    Attached Files:

    Rippin, Apr 23, 2015
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Need to see logs from RogueKiller and MGTools please. Also, run a fresh scan with Malware Bytes and attach a hopefully clean log. :)
     
    Kestrel13!, Apr 23, 2015
    #2
  3. Rippin

    Rippin Private E-2

    Here are the rest of the logs, sorry about that.
     

    Attached Files:

    Rippin, Apr 26, 2015
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Sorry for the delay in a response. :)

    Re run Hitman and have it remove what it finds.

    I am seeing nothing else to do here. Explain how things are running after Hitman step.
     
    Kestrel13!, Apr 28, 2015
    #4
  5. Rippin

    Rippin Private E-2

    I ran the hitman pro scan once more and had it remove everything that came up. The only thing is that it asked me to sign up for a free trial before it could delete everything. After shutting computer on and starting it back up my Anti virus caught on to it and recommended i remove it so i did. Everything else seems to be good. Thanks for your time and help.
     
    Rippin, May 14, 2015
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    So rescan once more, attach log, let me see what remains.


    What did you anti virus remove??
     
    Kestrel13!, May 14, 2015
    #6
  7. Rippin

    Rippin Private E-2

    I'm not sure what my anti-virus deleted? I should have written it down but I always freak out when I get a warning pop-up and I immediately hit Remove threat. Here's the new log for Hitman pro.
     

    Attached Files:

    Rippin, May 22, 2015
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    How comfortable are you in the Windows Registry? How would you feel about deleteing a few keys?
     
    Kestrel13!, May 22, 2015
    #8
  9. Rippin

    Rippin Private E-2

    Sorry about the late response. The only thing I've changed in the registry is I set my SSD as the operating system drive, and set my hdd as the place everything else saves. So I don't have much experience with it but I have tinkered with registry a little. I'd be fine with deleting a few things if thats what you recommend.
     
    Rippin, Jun 24, 2015
    #9
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Delete these please (bolded parts)

    HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS

    Once done, reboot the machine, rescan with Hitman and attach log please.
     
    Kestrel13!, Jun 24, 2015
    #10
  11. Rippin

    Rippin Private E-2

    Thank you for your help. Computer started doing some random stuff to where comodo firewall wouldn't let me do anything without popping up like 20 times . Then I was working on writing an email and my cursor kept moving by itself so I figured I had probably been hacked (coulda just been my paranoia). I was already thinking about getting a new ssd cause I was working with a 64gb with only like 15gb free space. So I purchased a 256gb ssd I formatted hdd and did fresh install. Now I got new problems which im going to make a new post on. Thanks again.
     
    Rippin, Jul 30, 2015
    #11

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds