mykhrochyp

Desktop and start bar gone

I ran a scan, it took 3 hours, and I had over 101 "infected" files. So, I quarantined the lot like it suggested. When I rebooted, I logged in, and there were no desktop icons, and no start bar, and my internet connection was disabled. So, I tried to restart with last known good configuration, no luck. I finally got fed up, and restored all the quarantined items, and I restarted with last best known configuration, and it started fine. So, I don't know what went wrong, but please do your best to help me understand why it didn't work, thanks

(sorry if wrong section)

Post your scan log here from SUPERAntiSpyware.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 10/30/2008 at 09:10 PM

Application Version : 4.21.1004

Core Rules Database Version : 3555

Trace Rules Database Version: 1543

Scan type : Complete Scan

Total Scan Time : 02:42:48

Memory items scanned : 466

Memory threats detected : 6

Registry items scanned : 6219

Registry threats detected : 36

File items scanned : 153268

File threats detected : 66



The first thing I notice is you are scanning with very old definitions - we are at Core : 3618 and Trace : 1603 - update those first and re-scan your system.


For some reason it won't let me update it; it says make sure SUPERANTISPYWARE.exe isn't blocked, and I already checked and the program as a whole isn't blocked, so is there any way I can get a manual patch to download for the update? Call me dumb, but I can't seem to find it on the site.

Manual Updates, read the instructions at the end of the page https://www.superantispyware.com/definitions.html :wink:
