Vista Explorer 8 problems

Discussion in 'Malware Help (A Specialist Will Reply)' started by Fritter Enzyme, Nov 23, 2009.

  1. Fritter Enzyme

    Fritter Enzyme Private E-2

    My HP DV9330us has gone wild on me. When I do a start up, I get over 300 explorer windows opening. I can't stop it without unplugging and pulling the battery out. MS was with me for five hours today and they don't know what this is. Any internal program I run goes to Explorer 8 to operate it like it was on the internet. I can't do a restore point or run antispyware programs. I ran MS live one scanner and it found nothing. I can go on the internet now but I have to delete hundreds of Explorer windows first. I get security warnings when I go to open any internal program that indicates that it is unknown and an internet risk to my system, from the internet even though I am accessing something in my own computer drives. Any time I go on the internet I get several Explorer windows opening until I cancel them out and then one goes to my home page. Things work on the internet in safe mode but nothing internal ever works. Not in any mode. I feel this is an issue with program defaults but MS thinks I have a virus. I was trying to enter a program into a mobile device, it asked what program to use, I picked Explorer, thinking it would look for what it needed, now Explorer is everything! They got me on the internet but anything I download to use, like their access program to take over my computer comes up with a security warning that it might harm my computer, and then it comes up again if I pick run, over and over again. There is nothing I can run, internal or external. Explorer is in charge, if I am on the internet or not. Vista home premium, HP DV 9330us. Explorer 8.
    Fritter
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    If something does not run, write down the info to explain to us later but keep on going.


    • Do not assume that because one step does not work that they all will not.

    Now download this Win32kDiag and save to your Desktop.

    • Double-click the Utility to run it and let it finish.
    • When it states Finished! Press any key to exit, press any key to close the program.
    • It will save a Win32kDiag.txt file to your desktop automatically. Attach this log file to your next message.

    See: HOW TO: Attach Items To Your Post

    Now download SysProt AntiRootkit

    This is a ZIP file so unzip onto your Desktop which should create a SysProt folder on your Desktop.

    • Open the SysProt folder by double clicking it
    • Double click Sysprot.exe to start the program.
    • Click on the Log tab.
    • In the Write to log box, make sure to select and unselect the following items.
      • Process << Selected
      • Kernel Modules << Selected
      • SSDT << Selected
      • Kernel Hooks << Selected
      • IRP Hooks << NOT Selected
      • Ports << NOT Selected
      • Hidden Files << Selected
    • At the bottom of the page
      • Hidden Objects Only << Selected
    • Click on the Create Log button on the bottom right.
    • After a few seconds a new window should appear.
    • Select Scan Root Drive. Click on the Start button.
    • When it is complete a new window will appear to indicate that the scan is finished.
    • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Attach the SysProtLog.txt log file to your next message.
    Download and save the below to your PC (save it anywhere you can find it. The Desktop is fine). Then double click on it to run it.

    AVPFind.bat

    It should take a couple minutes to run. You will see a black command prompt window while it is running and it should close when it is finished. Once it finishes, attach the c:\avplog.txt file that it will hopefully create as long as the malware does not block the batch file from running.


    Now download and Run exeHelper

    • Please download exeHelper to your desktop.
    • Double-click on exeHelper.com to run the fix.
    • A black window should pop up, press any key to close once the fix is completed.
    • Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)

    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


    Also please try running the below online scan:

    http://www.superantispyware.com/onlinescan.html

    Note:

    To avoid additional delay in getting a response, it is strongly advised that after completing the above instructions that you also read this sticky:

    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
  3. Fritter Enzyme

    Fritter Enzyme Private E-2

    I can download to desktop but I can not run any programs. I get: Open File-Security Warning. The publisher could not be verified. Are you sure you want to run this software? Name: C\user\adminisrator\desktop\32kDiag.exe
    Publisher: unknown
    type: EXE file
    from: C\user\adminisrator\desktop\32kDiag.exe
    run cancel

    This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers that you trust.

    I choose run. I get another security warning:
    The publisher could not be verified. Are you sure you want to run this program?
    name: wn32LDiag.exe
    publisher: unknown publisher
    run cancel

    I choose run. The "file download" window is shown, the explorer opens a window and it all goes away and I go back to the first security warning again. Over and over. I have no recovery disks as I got this used and he lost them.
    Fritter
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Then I would suggest that you try installing FireFox as a browser and if you can, then uninstall IE8.

    Then see if you can download or transfer via CD MGtools and save it to your root folder. C:\MGTools.exe. You may need to try changing it from an .exe to a .com extension.

    Tell me what happens.
     
  5. Fritter Enzyme

    Fritter Enzyme Private E-2

     
  6. Fritter Enzyme

    Fritter Enzyme Private E-2

    I still can not "run" the firefox program to install it.
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You stated the following:

    Are you changing the names of things?

    Also, did you disable the UAC and reboot as per the Read and Run First instructions?

    What happens when you try to run the MGTools.exe? Are you right clicking it and running it as Administrator?

    I need to also know what is running in your process list, so Control+Alt+Delete to open task manager and tell me what all is in your process list.
     
