SystemDir.explorer and SystemDir.regedit infected


Post by kiki3000 on Tue Apr 20, 2010 7:07 am

Sorry for this new topic, which is the same as
[You must be registered and logged in to see this link.]
but I cannot contact staff members because I don't have posts on this forum. I am n00b

I have the same problem as mister on above link, but I cannot find explorer.exe and regedit.exe in System32 folder, even if I checked radio button in Folder options - View - Show hidden files and folders and even if I move checked sign from Hide protected system files (Recommended).

Antirootkit software cannot find anything. I have Windows Vista 64bit. Since that "viruses" or something appeared I am having freezes of my computer, after that I must restart OS. I am desperate and I don't know what to do. Can u help?

kiki3000
Novice
Novice

Status :
Online
Offline

Posts : 13
Joined : 2010-04-20
OS : vista 64bit


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Tue Apr 20, 2010 12:04 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre


OTL.Txt & Extras.Txt

Post by kiki3000 on Wed Apr 21, 2010 7:11 am

Ty for reply.
I tried to put 2 logs in 2 posts but again I get: The posted message is too big.
So I put these 2 files in a .rar file which can be downloaded at the following link:
[You must be registered and logged in to see this link.]
I hope this is ok, if not plz let me know.

And I must report the next information, which I got yesterday.
The author of Bazooka scanner said that Bazooka does not support 64bit Vista, which can be seen from his email.

Hello Ivanko,

Sorry for delay.

I see that you are running a 64-bit operating system. I think that Bazooka is giving you a false alarm here, since it has never been tested on 64-bit systems. Another user reported a similar issue some weeks ago, and he also ran a 64-bit system. Sorry about that.

My current focus these days is on another application called FreeFixer. It's also dedicated to find and remove malware. FreeFixer does not support the 64-bits yet, but really close to having the 64-bit version ready. Should be released next week.

/Roger


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Wed Apr 21, 2010 4:03 pm

Hello.
Please upload the logs to rapidshare instead, MF is slow for me.



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Wed Apr 21, 2010 7:42 pm

[You must be registered and logged in to see this link.]
ty


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Wed Apr 21, 2010 9:25 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Thu Apr 22, 2010 6:15 am

Malwarebytes' Anti-Malware 1.45
[You must be registered and logged in to see this link.]

Database version: 4020

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

22.4.2010 8:07:35
mbam-log-2010-04-22 (08-07-35).txt

Scan type: Quick scan
Objects scanned: 104933
Time elapsed: 3 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files (x86)\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files (x86)\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.

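A helper reading a log like the one posted above can check it mechanically. This is an added example, not part of the original thread or of Malwarebytes' tooling: it parses the log layout shown in the post, compares each summary count with the items actually listed, and reports any item whose action did not complete. The function names `parse_mbam_log` and `triage` are hypothetical, and the sample input is the posted log, abridged.

```python
import re

# The log posted above, abridged to the summary counts and three detail sections.
SAMPLE_LOG = r"""Registry Keys Infected: 0
Folders Infected: 1
Files Infected: 2

Registry Keys Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files (x86)\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files (x86)\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files (x86)\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
"""

SUMMARY = re.compile(r"^(.+) Infected: (\d+)$")         # "Files Infected: 2"
SECTION = re.compile(r"^(.+) Infected:$")               # "Files Infected:"
ITEM = re.compile(r"^(.+) \(([^()]+)\) -> (.+?)\.?$")   # path (family) -> action

def parse_mbam_log(text):
    """Return (declared counts, itemised detections) keyed by section name."""
    declared, found, section = {}, {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if m := SUMMARY.match(line):
            declared[m.group(1)] = int(m.group(2))
        elif m := SECTION.match(line):
            section = m.group(1)
            found[section] = []
        elif not line:
            section = None                      # a blank line ends a section
        elif section and (m := ITEM.match(line)):
            path, family, action = m.groups()
            found[section].append({"path": path, "family": family, "action": action})
    return declared, found

def triage(text):
    """Return follow-up items: count mismatches and removals that did not finish."""
    declared, found = parse_mbam_log(text)
    issues = [f"{name}: summary says {n}, log lists {len(found.get(name, []))}"
              for name, n in declared.items() if len(found.get(name, [])) != n]
    for item in (i for items in found.values() for i in items):
        if "successfully" not in item["action"].lower():
            issues.append(f"{item['path']}: {item['action']}")
    return issues
```

For the log in this thread `triage(SAMPLE_LOG)` returns an empty list: the counts match the listed items and every removal is reported as successful.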

Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Thu Apr 22, 2010 6:54 pm

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Fri Apr 23, 2010 8:40 am

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

Just this in the log, but 8 threats were found! Smile)))


Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Fri Apr 23, 2010 9:03 am

The same problem again. After ESET scan I put my Kaspersky Internet Security 2010 to full scan and system freeze happened again. Because of that freeze I cannot do scan with Kaspersky. Are there some more scans that I can do?

Maybe it is not the virus, maybe it is hardware problem. I said that because I was unable to put Win7 on my comp. On computer service they tested all components, all but motherboard - and they said that problem is probably in motherboard. It is Asus ROG Striker. And since first day I got this motherboard, the onboard sound card is not working, I can hear but I cannot talk and I was forced to buy new sound card. So maybe the problem is in motherboard. Is there some software that can test motherboard?


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Fri Apr 23, 2010 3:41 pm

Hello.
What processor does this machine have? x64 bit machines usually have AMD Athlons.



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Sun Apr 25, 2010 9:38 am

Intel Core 2 Quad 2,4


Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Sun Apr 25, 2010 9:39 am

I decided to run complete scan with Kaspersky IS 2010 Rescue CD which boots to Linux GUI and runs complete scan. After whole night scan it found some trojan. The block or freeze of system happened again this morning.


Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Sun Apr 25, 2010 9:41 am

But in C or system disk I have Program Files (x86) not x64?


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Sun Apr 25, 2010 9:12 pm

Did Kaspersky remove the malware?



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Mon Apr 26, 2010 11:44 am

yes


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Mon Apr 26, 2010 9:20 pm

Still having problems now?



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Tue Apr 27, 2010 11:57 am

The "freeze" of system or windows after which i have to press restart button on my comp case still happening - but not so often as before. I will run complete scan with Kaspersky again and i don't see any other thing that i can do. Thank u very much for help!


Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Thu May 06, 2010 6:45 pm

Here is the present situation.
I have virus which was on my external WD disk or on my other 2 in-computer disks.

When I bought Kaspersky IS 2010 I never ran complete scan because I considered my comp safe.

First time I tried scan - comp froze and I had to do restart.

I booted from Kaspersky rescue disk into isolinux and ran scan of all disks - but not for the external WD disk.

Now that external WD disk is formatted and detached from computer and power source. Now I have only 2 in-computer disks.

Now, for some reason I cannot boot from Kaspersky rescue disk?!!
If I can only do that and run a complete scan I would be finally safe or I would know for sure that I have bad component in my comp.

Can u help me to boot into Kaspersky rescue disk?
My laptop cannot boot to Kaspersky rescue disk too. I don't know, maybe image file is corrupted and Kaspersky Lab will correct that. Or I don't know no more..


Re: SystemDir.explorer and SystemDir.regedit infected

Post by Belahzur on Thu May 06, 2010 9:19 pm

Hello.
Are you able to format the machine as a last resort?



Re: SystemDir.explorer and SystemDir.regedit infected

Post by kiki3000 on Fri May 07, 2010 7:35 am

One disk I can kill - but the other disk is full of important data that took 5 years to collect.
But to return Macromedia master collection, Nero 10, Office 10, mw2, email accounts, all that trouble is too much job. Not to mention returning complete other non-system disk, for example external WD disk 250gb of data. Because of that I am trying to fight this. That Kaspersky scan is my only and last option before THE BIG KILL - but, for some reason, the f cd cannot boot - never mind that it booted last time without the problem. I hate computers..
