IE crashes when opened and a couple other problems...

Discussion in 'Malware Help (A Specialist Will Reply)' started by eggchen, Mar 13, 2006.

  1. eggchen

    eggchen Private E-2

    I'm having trouble with this computer. At first the task manager wouldn't open, saying it was disabled by the admin, although no one else uses this system but my girlfriend and her brother and both said they did not do anything that would cause this. I removed "paytime.exe" and a couple other things and task manager is now working. I also deleted a couple things while in safe mode that looked a bit like keyloggers. However, Internet Explorer now crashes immediately after being opened. I tried re-installing Explorer but even the installer crashes.

    I've run all the scans and tests in the "steps thread", with the exception of windows defender which will not install, and was wondering where to go from here?

    The system is a Dell laptop, with Pentium M 1.2ghz processor running Windows XP SP2, with 374 mb ram.

    Hope this is enough info to get started, thanks for your time.
     


  2. AbbySue

    AbbySue MajorGeeks Administrator

    Welcome to MajorGeeks!:)

    A couple things of note while you are waiting for a Malware Fighter to assist you further.

    Your Bitdefender log was not saved in the correct format per step 6 of the Read & Run me so is essentially unreadable.

    Click on "Click here to view the report".

    When the window comes up with the report, click File, Save As... and then change the Save as type to Text File (*.txt)

    Change the file name to something short like bdscan1.txt

    You have a rogue spyware application installed. Please look in Add/Remove programs for AlfaCleaner and uninstall if found. After you have uninstalled it navigate to program files and delete the AlfaCleaner folder. Run HJT and attach a fresh log.
     
  3. eggchen

    eggchen Private E-2

    I had removed AlfaCleaner beforehand but forgot to remove the folder. But that is now done.

    Here is the new HJT and hopefully this bitdefender log is better
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No! You are still not following the directions exactly as written. All you are attaching is a log summary which is of no use to us since it does not say where the infections are found.

    If you follow the directions, the file you will be attaching is an html file with a .txt extension. But don't worry about it now. We will work with the obvious problems you have and there are a bunch. I'll look at your logs and post something in a little while.


    Empty your Recycle Bin! And any quarantine folder you have for antivirus or antispyware programs!

    In the meantime, if you come back before I post again, please run the steps in the below and attach the requested smitfiles.txt log.

    SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal

    Also note you have a password stealing trojan! Take the information below seriously!!

    You are strongly advised to do the following immediately:
    1. Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned. If you have network computers, start checking them for problems too.
    2. Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
    3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
    Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.
     
    Last edited: Mar 13, 2006
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Let's continue with fixes now!

    The reason you are so badly infected is because you have been running with no protection. You have no antivirus or firewall applications installed. This is very dangerous as you have now read in my previous post.

    First go to Add/Remove programs and uninstall the below if found:
    Viewpoint Manager

    You were using MSCONFIG to control startups in your previous HJT log. Step 7 clearly states that you must not do this. So read step 7 again now and click on the links and make sure you select Normal Startup.

    In an attempt to clean up many things that may be hiding on your PC (due to these trojans) please run the below two additional scanners and attach the requested logs. This will take some additional time but it is well worth it for your security.


    Running Spy Sweeper

    Running Ewido Anti-Malware

    After running the above two scans, make sure you have stopped using msconfig and attach a new HJT log too.
     
