This is 1 of those "HELP! PLEASE HELP" posts.

Discussion in 'Malware Help (A Specialist Will Reply)' started by Frommer_Baby, Oct 12, 2006.

  1. Frommer_Baby

    Frommer_Baby Private E-2

    Hi there people, good-day to you all. I use this website a lot and have often witnesses the expert advice given to posters who have a problem. This is what brings me here today. For the past couple of days I have had a number of problems, but all virus scans and spybot scans return clean :S.

    -I cannot right click items on my desktop without having the end the "explorer.exe." process as the whole desktop crashes on me

    -I recently installed IL-2 Sturmovik FB ACE Expansion Pack and now every-time that I want to play it, i double click the shortcut and it loads briefly then fails totally in which ultimately my deskto crashes....and youve guessed it <--back to restarting the explorer process! But also having to end the "IL2FB.exe" process to end the game. (n.b; I have successfully played this game for a couple of days, only recently has it begun this)

    -Sometimes when I go to my programs directory from start and I click on Spybot S&D the process seems to end up doing the same as IL-2 as stated above but this time I do not need to end the explorer process, just the spybot one.

    -Upon shutdown I always recieve "Rundll32.exe is still [whatever]" and I can either choose "end now" or "cancel" (I choose "end now").

    -Another thing is Azureus, I installed the "3D Swarm" plug-in but after being able to use it for a while it now seems to crash the whole program when I initiate the plug-in. However this might not be anything to do with the other issues?

    So to conclude, the main problems I am having are the first three and it's been driving me nuts for ages now. Also upon transferring data from discs, sometimes I will recieve a "cyclic redundancy check" error, though I have looked these up and it might just that the disc is a bad copy lol. However, this does lead me to sort of think that my HD might be too old cause I used to get errors like this and crashes like this prior to reformatting the drive a couple of months ago. I mean if its knackering that would explain the noise coming from it like a lil squeek when the computer is loading and it would also explain why sometimes when I go to start > Programs > and any program folder on the list, the actual file associatio would be blank and it'd look like one of those files where windows cannot attribute an association to it. Correct?

    Either way, I would appreciate all your help on this people! Below is my Hijack This results for you:



    Thanks again!
     
    Last edited by a moderator: Oct 12, 2006
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi and welcome :)


    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - ONLY IF you were not able to run Windows Defender
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. Frommer_Baby

    Frommer_Baby Private E-2

    Hi again, thanks for correcting me Halo on the correct procedure to use when posting on ur forum. I apologise for the ignorance.

    Moving back to the problem, i've followed your steps and guide and have attatched to this post the files that are asked for; there's the "analyse" logfile which is renamed from the HijackThis logfile, the "runkeys" and "newkeys" log text files.

    Also whilst looking through the files myself I noticed that on the newkeys logfile if you scroll down to where it says "New EXE files created in C:/WINDOWS in the last 90 days" there is a strange file named "account maker.EXE" and upon acknowleging this I went to the folder directory and found the EXE file. I right clicked and looked on properties, this is what I found and I'm pretty sure it is a piece of Malware (please excuse this link to another site if they are not allowed but I feel this is justified, admin): http://img377.imageshack.us/img377/5048/suspisciousexefiletc3.png

    Thanks for any help you will provide, I will re-check this post in 15-20 minutes,

    FB.
     

    Attached Files:

  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Please post the logs from the BitDefender and Panda ActiveScan online scanners.
     
  5. Frommer_Baby

    Frommer_Baby Private E-2

    Only got the BitDefender report as I thought the other would be useless as nothing was found....yet again. I'm beginning to see a trend you see with all these virus scans.


    But i cnt attatch the file as its an html document.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please read the directions in the READ ME and follow them. They tell you to simply rename the file to have a .txt extension.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds