Vista Malware cleanup

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by argusxk, Dec 26, 2011.

  1. argusxk

    argusxk Private E-2

    Still not sure what happened. To the best of my recollection, I simply clicked on an email link in Yahoo email (from a trusted site) when everything went haywire. IE was taking me to scareware sites, and popups stating I had trojans were appearing. I could not launch Task Manager by right-clicking on the taskbar and had no control over IE.

    I managed to launch ProcessExplorer and kill an unrecognized process called CYT.exe which helped a little. I also located and deleted iexplorer.exe in ..\AppData\Local which restored normal browsing. I have run through all the steps listed in Vista and Windows 7 malware removal. These steps indicate no problems found. However, most of the links on my taskbar, and attempts to launch Security Center from the control panel result in a popup that states - c:\Windows\System32\rundll32.exe "Application not found". Same thing when I try to launch Task Manager from the task bar - c:\Windows\System32\taskmgr.exe "Application not found". Anything remotely security related seems to be affected in the same way. However, all the files do exist in System32 and can be launched manually with a double-click. I ran sfc /SCANNOW to confirm the DLLs and EXEs in System32. sfc ran to completion. It was unable to repair tcpmon.ini. So now I'm trying to determine what next. Any help will be appreciated.
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please attach the requested logs. ;)
     
  3. argusxk

    argusxk Private E-2

    Attachments attached!

    Thank you.
     

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am only finding one item that needs to be removed:
    Use Windows Explorer to find and delete:
    C:\ProgramData\7vg2vymse2q487q02o63mpq

    Tell me exactly what malware issues you are still having.
     
  5. argusxk

    argusxk Private E-2

    Most of the links on my QuickLaunch toolbar, Start Menu, Notification Area and attempts to launch Security Center from the control panel result in a popup that states - c:\Windows\System32\rundll32.exe "Application not found". Same thing when I try to launch Task Manager from the task bar - c:\Windows\System32\taskmgr.exe "Application not found". Anything remotely security related seems to be affected in the same way. However, all the files do exist in System32 and can be launched manually with a double-click. I ran sfc /SCANNOW to confirm the DLLs and EXEs in System32. sfc ran to completion. It was unable to repair tcpmon.ini.

    This behavior seems to be limited to the profile I usually use (Standard user). My admin user profile is behaving correctly. Should I just delete the mis-behaving profile and create a new one?

    Thanks for your help
     

  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Probably the easiest thing to do. ;)
     
