Jump to content

Dektop icons problem


Recommended Posts

Hi, today I got infected with "Personal Shield Pro" so I downloaded Malwarebytes' Anti-Malware and I did a quick scan.

I thought that the virus was gone because there there weren't any fake anti-virus messeges appearing on my screen but now all of the icons on the dektop don't work. When I click on an icon a window pops up saying "Open with" or else it says that the program has't been foud. I'm starting to think I'm still infected.

Also I can't run any of the anti viruses because of this.

Can someone tell me how to fix this? I'm using a Windows Vista.

Link to post
Share on other sites

Hi Raffa and Welcome to Malwarebytes!

Please download SREng

  • Extract it to Desktop and double click SREngLdr.EXE to run it
  • Select System Repair from the left pane.
  • Click on File Association
  • Select all entries that has an Error status click [Repair]
  • Refer to this image for an example:
    SystemRepair_FileAssocs.gif
  • In your case, it would be .EXE
  • Close SREng now.

Next

Update Run Malwarebytes

  • Launch Malwarebytes' Anti-Malware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

Hi thanks for answering so soon!

The problem is that when I try to run SREngLdr.EXE a window called "open with" appears telling me to choose which program to use to open this file. So I can't do any of the things you suggested. What should I do??

Link to post
Share on other sites

Well, there is more than one way to skin a cat, as we say.

  • Download FixPolicies.exe by Bill Castner and save it to your desktop.
  • Double click on FixPolicies.exe to run it.
  • Click on Install. It will create a folder named FixPolicies on your desktop.
  • Open the FixPolicies folder.
  • Double click on Fix_policies.cmd to run it. Command Prompt will open and close quickly this is normal.
  • Reboot your computer after it runs

Then Launch Malwarebytes.

Link to post
Share on other sites

Hi, I'm getting the same problem as before: there's a window aking me which program I want to use to open FixPolicies.exe. Of course I can't choose a program because I want to install it. So I'm stuck.

I've attached an image showing the window that keeps coming up. I don't know if this will help or if I'm not supposed to. The text is in italian because I come from Italy but you should get the idea of what I'm refering to.

Thanks again.

Link to post
Share on other sites

Fix Executable File Associations:

  • Please download UnHookExec.inf from here and save it to your desktop
  • Note: if the file just opens as text in your browser window, right click on the link and select Save Target As...
  • Right-click on UnHookExec.inf and select Install
  • Once you've done that, restart your computer
  • You should now be able to run EXE, COM, BAT, PIF, REG and SCR files as well as use Regedit again

Post the log from Malwarebytes in your next reply.

Link to post
Share on other sites

Let's try this here. Make sure extensions are shown, see here how to do this.

Then, navigate to the C:\Program Files\Malwarebytes' Antimalware folder and locate the file mbam.exe in there

Rename mbam.exe to mbam.com

Then, doubleclick mbam.com. This will allow malwarebytes to open. First use the update tab and check if there are updates. Download the updates.

Then, perform a quick scan and let Malwarebytes remove what it found. Reboot afterwards.

Link to post
Share on other sites

We need to look at some information about what is going on in your computer:

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your Thread

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HEREThen post your DDS (DDS.txt and Attach.txt

Link to post
Share on other sites

I strongly recommend you to remove Ask from your computer because it;

  • Promoting its toolbars on sites targeted to kids.
  • Promoting its toolbars through ads that appear to be part of other companies' sites.
  • Promoting its toolbars through other companies' spyware.
  • Installing without any disclosure whatsoever and without any consent whatsoever.
  • Soliciting installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.
  • Making confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See Here for more info.

If you choose to follow my recommendation then please go to Start,Control Panel,Add/Remove Programs and remove the following programs if present.

  • Ask Toolbar

Other than this your logs looks good. Please run this online scan to help look for remnants. To make sure.

ESET Online Scanner

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Just in case you did not save the ESET log. Click Start, Run and type or copy and paste everything in the code box below into the Open dialogue box:

C:\Program Files\ESET\EsetOnlineScanner\log.txt

Please copy and paste the contents of log.txt in your next reply.

Link to post
Share on other sites

Ok thanks. I got rid of Ask. As for the other instructions, on step 6 of your list I got this message "Unexpected error: you are using ESET Online Scanner for the first time. Downloading the signature database may take some time, depending on your connection speed" is that ok?

Link to post
Share on other sites

I thought that maybe the antivirus were interfering. The only problem is that I can't seem to disabilitate them. I have to turn off Avira, McAfee and Microsoft Windows Defender. I read the isnstructions on the link you gave me but both the Avira and Microsoft Windows Defender icons have disappeared from the system tray on the bottom right hand corner and the McAfee icon doesn't have an exit option when you right click on it. Any tips?

Link to post
Share on other sites

Try this one:

Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!

  • Follow the Instruction Here for installation.
  • Accept the License Agreement.
  • Once the ActiveX installs,Click Full System Scan
  • Once the download completes,the scan will begin automatically.
  • The scan will take some time to finish,so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply.

Link to post
Share on other sites

This tells me your PC is still infected.

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

---------------------------------------------------------------------------------------------

  1. Download ComboFix from below:
    Combofix download
    * IMPORTANT !!! Place combofix.exe on your Desktop
  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  3. Double click on combofix.exe & follow the prompts.
  4. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    cfRC_screen_1.png
    The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.
    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.
    ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:
    The Recovery Console was successfully installed.
    cfRC_screen_2.png
    Click on Yes, to continue scanning for malware.
  5. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  6. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply.
    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
    ---------------------------------------------------------------------------------------------
  7. Ensure your AntiVirus and AntiSpyware applications are re-enabled.
    ---------------------------------------------------------------------------------------------

Link to post
Share on other sites

That's the problem. I can't disable AntiVir because the umbrella icon has disappeared from my taskbar and I can't open the program because the same old window pops up asking me what program I want to use to open it with. So I don't know if it's disabled. Do you think I can run ComboFix even without disabling AntiVir? Or maybe do you know another way to access the program?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.