Malware Help--

Need help with issue below:

Time of Issue: 3 days now.
Description: Whenever I boot up, desktop seems to flicker (show icons + task bar) for 3 seconds and then goes off again. When running mg tools I notioced thatit could not find explorer.exe. I think this might be my issue. I also cannot navigate to files unless i do it through internetexplorer (I run this by using task manager). I follwowed the pre-reqs and have attached logs. Please help !!

 

Here is the attcahement for the sUPER Spyware scan.

 

Hi darylick,
funny name LOL
Welcome to Major Geeks!

Please go back and rerun MalwareBytes and make sure you have it FIX everything it finds. Either quarantine or delete!
There's not anything in your logs which would lead to the symptoms you describe, however, I would like to check something in your registry.

Go to Start / Run and type in regedit and click on okay. Follow the pathway below

HKEY_Curren User / Software / Microsoft / Windows / Current Version / Policies / Explorer

See if you see either Restrict Run or DisallowRun

If so, see what the dword is set to.

I don't think this is a malware problem. I would like for you to start a thread in the Hardware Forum and see if they can help you with some diagnostics to see if there might be a problem there. There are a few things we could do, but if you run MalwareBytes and have it fix things, the other items are not malware. We can work on those later.

Attach the MalwareBytes log when you're done and let me know how this goes?

abri

 

abri:
Thanks for your help with this.

I re-ran MalwareBytes and it found heuristics in explorer.old file. I rebooted and same issue occured. IF I log intoSafe Mode with the same user it also happens;however; when I log in as another user profile it doesn't. Strange.

Anyway, I have attached the log for you.

As far as th ekey goes here it is: The dWord Key is sey to the following:

NoDriveTypeAutoRun RegDword 0x00000091 (145).

Does that help?

 

Hi darylick,

First a question: Did someone redo your operating system using the recovery console for repairs or something like this? You have files on your system that look like this: xpsp2res(2)(2).dll These are not bad files and they are not the wrong size, but I'm wondering what the (2)(2) is about which doesn't appear in other people's logs. What happened to your computer on April 13th?


Next, please do the following:

1) Download and install Erunt. Use it to create a backup of your registry.

2) Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the File Type type is set to "all files" Once you have saved it, look for it on your desktop and when you find it, double-click it and allow it to merge with the registry.

Let me know if you get a success message when you run the above REGEDIT4. Also, any information with regard to my questions would be useful.

Thanks.
abri

 

Abri:
I backed up the registry and executed the registry files (saying it was sucessful. I rebooted and same issues occured. As far as what happened on April 13th not sure as this issues started this week. I have had, in a poor attempt, tried to restore back to a point. The only point I have was one from yesterday (i did this before you replied back). I am on xp sp3 now.
Sorry for the confusion.

 

Hi darylick,

Your entire system was changed on April 13th. If you don't remember this, then the question remains as to what happened that day. Did you update your computer to SP3 that day? I would like to ask you to start a thread in the Software Forum. Please put a note in your thread to refer to this thread here in the Malware Forum for the logs which show that your files underwent some change on April 13th. You can alternatively click on the Manage Attachments button when you start your new thread and upload the file called newfiles.txt which you'll find in the C:\MGTools folder.

abri