
Error Signature @ startup!



#1
xpee

At Startup a little box appears while my desktop goes blank c:\sud\ssow\desktop.ini

Then the Windows explorer error box appears..

My Desktop reappears but My Avg 9 Components are disabled..
I have Spybot, spyware guard, spyware blaster, Malwarebytes, Ad aware, did a scan with most of them, I thought I deleted the cause but my comp still appears to be affected. Here is the Panda Security Active Log of today!! P.S. Panda said it disinfected and cured the cause, but it's a bunch of B.S.!! Please, please help..

;***********************************************************************************************************************
************************************************************
ANALYSIS: 2009-11-20 14:30:58
PROTECTIONS: 2
MALWARE: 2
SUSPECTS: 0
;***********************************************************************************************************************
************************************************************
PROTECTIONS
Description Version Active Updated
;=======================================================================================================================
============================================================
AVG Anti-Virus Free 8.5 Yes Yes
avast! antivirus 4.8.1356 [VPS 091119-1] 4.8.1356 Yes Yes
;=======================================================================================================================
============================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;=======================================================================================================================
============================================================
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\sud\ssow\desktop.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp483\a0122551.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp483\a0122560.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp485\a0122684.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp485\a0122709.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp485\a0123524.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp487\a0123658.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp489\a0123996.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp489\a0124010.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp489\a0125010.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp490\a0125028.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0130104.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129962.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0127699.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0128699.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129699.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129712.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129723.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129732.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129742.ini
02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp498\a0129953.ini
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp489\a0123871.exe
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\system volume information\_restore{26222744-a7e6-4fe2-a306-f94d2c2fec99}\rp490\a0126399.exe
;=======================================================================================================================
============================================================
SUSPECTS
Sent Location
;=======================================================================================================================
============================================================
;=======================================================================================================================
============================================================
VULNERABILITIES
Id Severity Description
;=======================================================================================================================
============================================================
;=======================================================================================================================
============================================================

Thank you very much!! Let's slay this little Goblin!! :)


#2
xpee

Error Signature at Startup..
AppName: explorer.exe AppVer: 6.0.2900.5512 ModName: unknown
ModVer: 0.0.0.0 Offset: 7342611a

This site has already helped me remove the Malware issue I had, but the error message always appears when I start up. If I don't click "Close" on the box, then my taskbar and desktop icons are frozen. When I close the box, the desktop disappears for a couple of seconds, then it's OK...

1 more thing, My spywareguard is no longer on my taskbar and if I try to run it, I get the stupid error message!
How can I resolve this really annoying issue? Thank you to all the hard-working/intelligent techs on this site!
Peace!!!

ps..My last Malwarebytes scan !!

Malwarebytes' Anti-Malware 1.41
Database version: 3196
Windows 5.1.2600 Service Pack 3

11/20/2009 9:46:22 PM
mbam-log-2009-11-20 (21-46-22).txt

Scan type: Quick Scan
Objects scanned: 119652
Time elapsed: 20 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5j0-4opm-01we-aax2-5657qca554112} (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\SUD\SSOW\sep.exe (Backdoor.Bot) -> Delete on reboot.