Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91824 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] No icons, no Start menu, no Safe Mode!


  • This topic is locked This topic is locked
38 replies to this topic

#31 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 27 October 2009 - 10:25 AM

Hi Cheryl, Have a look on the desktop for a notepad called OTL.txt. Yes you can do the scan. Thanks

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation Posted Image
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Posted Image

Threads will be closed if no response after 5 days.

    Advertisements

Register to Remove


#32 ~Cheryl~

~Cheryl~

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 27 October 2009 - 11:33 AM

It saved under a funny name, I looked for OTL.txt but I didn't delete the one from yesterday so maybe that's why. Anyway, now I can't get the ESET log up! Says windows cannot find it so I will have to try and run it again tomorrow. Thanks ========== OTL ========== Process Explorer.EXE killed successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{6E6624DD-AB4A-45E9-B9B7-393CB62C45ED} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{6E6624DD-AB4A-45E9-B9B7-393CB62C45ED}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Settings\ not found. ========== FILES ========== ========== COMMANDS ========== OTL by OldTimer - Version 3.0.22.1 log created on 10272009_170152

#33 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 28 October 2009 - 01:47 AM

Hi Cheryl,

Are you sure there isn't a file at C:\Program Files\EsetOnlineScanner

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation Posted Image
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Posted Image

Threads will be closed if no response after 5 days.

#34 ~Cheryl~

~Cheryl~

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 28 October 2009 - 06:04 AM

It says windows cannot find that file but when I look in Program Files under ESET I have a Modules Folder, a Quarantine Folder, ESETSmartInstaller.exe, OnlineCmdLineScanner.exe, OnlineCmdLineScannerA.exe, OnlineScannerApp.exe and OnlineScannerUninstaller.exe. When I open OnlineCmdLineScanner.exe and OnlineCmdLineScannerA.exe it brings up a black screen. I will try running it again now and see what happens.

#35 ~Cheryl~

~Cheryl~

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 28 October 2009 - 06:29 AM

Okay, so I had a little bit of a blonde moment there... When I went to "run" I didn't change the option from Programs to All Files so it didn't show up! It's still odd that windows couldn't find it, isn't it? Anyway, here it is: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=d08b284347e8184c829bc24838af9d76 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2009-10-27 05:28:49 # local_time=2009-10-27 05:28:49 (+0000, GMT Standard Time) # country="United Kingdom" # lang=9 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 92752 92752 0 0 # compatibility_mode=1024 16777191 100 0 1654730 1654730 0 0 # compatibility_mode=8192 67108863 100 0 3769 3769 0 0 # scanned=34786 # found=0 # cleaned=0 # scan_time=1031 # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=d08b284347e8184c829bc24838af9d76 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=false # utc_time=2009-10-28 12:23:22 # local_time=2009-10-28 12:23:22 (+0000, GMT Standard Time) # country="United Kingdom" # lang=9 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 160874 160874 0 0 # compatibility_mode=1024 16777191 100 0 1722852 1722852 0 0 # compatibility_mode=8192 67108863 100 0 71891 71891 0 0 # scanned=34669 # found=0 # cleaned=0 # scan_time=983

#36 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 28 October 2009 - 11:03 AM

Hi Cherl,

Everythings looks ok.

If no other problems, we can clean up our tools.

From your desktop, please delete
  • any notepads/logs that we created
  • fix.bat
  • GMER.zip
  • GMER.exe
Eset online can be removed via add/remove programs if you wish.

In Windows Explorer, delete

c:\Cheryl.txt

Eset online can be removed via add/remove programs if you wish.

I suggest you keep MBAM, keep it updated and use it regularly.


Next

Click the Start button, click Run. Copy and paste the following line into the run box and click OK
Combofix /Uninstall


Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.


Updates and upgrades

You have an older version of Adobe Reader. You can download the current version HERE

You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

Visit their support forum
Foxit Forum

In either case you should uninstall Adobe Reader 8.1.3 first. Be sure to move any PDF documents to another folder first though.


Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. You are missing a resident antispyware and a firewall program.

I recommend you use an antispyware program with resident (real time) scanning. I suggest

Windows Defender
OR
Winpatrol


* If you are behind a router Windows firewall should be fine. Otherwise a 3rd party firewall with outbound monitoring is recommended.

Click FIREWALL for tips, reviews and links to good, free and paid for firewalls. (Note: Zone Alarm is becoming bloatware)


You should also use Spyware Blaster to help immunize your computer.

- SpywareBlaster will add a large list of programs and sites into your Internet Explorer
settings that will protect you from running and downloading known malicious programs.

OR

A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a host file manager. and some programs that can protect your hosts file.
HOSTS

Please read the info on disabling the DNS Client before installing a custom hosts file.


-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.


- Keeping your Windows up-to-date is crucial to your computer's security. Please go to the Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis.


- Ensure that Automatic Update is turned on so you get all the latest patches.
Click start, control panel, click Security Center.


- Keep your antivirus program updated, as well as any other security programs you have.


-Check this site out to check for out of date programs
Secunia Personal Software Inspector (PSI) 1.0


-More tips and programs can be found HERE


- You may also want to read this article By Tony Klein
http://www.freedomli...pic.php?t=22879

We will keep this thread open for a couple of days. Please post back if you have any problems or questions. Please post back when you have finished so this thread can be marked "Resolved".

Take care :adios:

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation Posted Image
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Posted Image

Threads will be closed if no response after 5 days.

#37 ~Cheryl~

~Cheryl~

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 29 October 2009 - 11:04 AM

Thank you so much, everything is running wonderful. And thanks for all the links, I have downloaded and updated everything. Hopefully you will never have to hear from me again!! You are a legend :notworthy: Cheryl :adios:

#38 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 29 October 2009 - 01:52 PM

Hi Cheryl,

Hopefully you will never have to hear from me again!!

Though it dosen't sound very nice, I feel the same way. :lol:

You are very welcome.

Take care and keep safe.

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation Posted Image
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Posted Image

Threads will be closed if no response after 5 days.

#39 oldman960

oldman960

    Forum God

  • Classroom Teacher
  • 14,755 posts

Posted 01 November 2009 - 12:03 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation Posted Image
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Posted Image

Threads will be closed if no response after 5 days.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users