Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

cannot open anything

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

cannot open anything

Unread postby ally-x » April 6th, 2008, 8:15 am

Hi there,
Hope someone can help me, I can't seem to open anything on my pc the only message I get is 'windows cannot find*****make sure you typed the name correctly and try again'
I've tried to download and open hijackthis but although I see it on my desktop it fails to run, as does anything.
I managed to run spbot and although it found loads of stuff it can't fix them,
Any help to fix this would be appreciated as I don't know what to do next
ally-x
Active Member
 
Posts: 4
Joined: April 6th, 2008, 7:23 am
Advertisement
Register to Remove

Re: cannot open anything

Unread postby random/random » April 10th, 2008, 10:45 am

I need a spybot report to see what it's detecting

To do this:

  • Run a scan with Spybot
  • Right click in the results window and click Copy results to clipboard
  • Then use ctrl+v or right click>paste to paste the results a reply to this topic
User avatar
random/random
Developer
Developer
 
Posts: 7731
Joined: December 18th, 2005, 3:30 pm

Re: cannot open anything

Unread postby ally-x » April 10th, 2008, 4:19 pm

Here's the log, hope this helps as i've not got a clue




Inet Delivery: User settings (Registry key, nothing done)
HKEY_USERS\.default\Software\Inet Delivery

Inet Delivery: User settings (Registry key, nothing done)
HKEY_USERS\s-1-5-18\Software\Inet Delivery

Inet Delivery: Uninstall settings (Registry key, nothing done)
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery

Inet Delivery: Uninstall settings (Registry key, nothing done)
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery

Inet Delivery: Program directory (Directory, nothing done)
C:\Program Files\Inet Delivery\

GoldenPalace.Casino: Uninstall settings (Registry key, nothing done)
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW

GoldenPalace.Casino: Uninstall settings (Registry key, nothing done)
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golden Palace Casino NEW

MagicControl.Agent: Uninstall settings (Registry key, nothing done)
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent

MagicControl.Agent: Uninstall settings (Registry key, nothing done)
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent

MagicControl.Agent: Program directory (Directory, nothing done)
C:\WINDOWS\mslagent\

Win32.Agent.pz: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit=...C:\WINDOWS\system32\ntos.exe,...

Smitfraud-C.: Autorun settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel!=W=0

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel!=W=0

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions!=W=0

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\s-1-5-21-1060284298-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions!=W=0

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions!=W=0

Microsoft.WindowsSecurityCenter.TaskManager: Settings (Registry change, nothing done)
HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr!=dword:0

Microsoft.WindowsSecurityCenter.TaskManager: Settings (Registry change, nothing done)
HKEY_USERS\s-1-5-21-1060284298-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr!=dword:0

Microsoft.WindowsSecurityCenter.TaskManager: Settings (Registry change, nothing done)
HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr!=dword:0

Microsoft.WindowsSecurityCenter.RegistryTools: Settings (Registry change, nothing done)
HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools!=dword:0

Microsoft.WindowsSecurityCenter.RegistryTools: Settings (Registry change, nothing done)
HKEY_USERS\s-1-5-21-1060284298-1580436667-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools!=dword:0

Microsoft.WindowsSecurityCenter.RegistryTools: Settings (Registry change, nothing done)
HKEY_USERS\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools!=dword:0

Microsoft.WindowsSecurityCenter.RegistryTools: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools!=dword:0

Microsoft.WindowsSecurityCenter.TaskManager: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableTaskMgr!=dword:0

MediaUpdate: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{B8C0220D-763D-49A4-95F4-61DFDEC66EE6}

BraveSentry: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1

PWS.LDPinchIE: User settings (Registry value, nothing done)
HKEY_USERS\.default\Software\Microsoft\Windows\CurrentVersion\Explorer\idstrf

PWS.LDPinchIE: User settings (Registry value, nothing done)
HKEY_USERS\s-1-5-21-1060284298-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\idstrf

PWS.LDPinchIE: User settings (Registry value, nothing done)
HKEY_USERS\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\idstrf

Win32.Agent.ac: Settings (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44A1-9F4543D34545}

Zlob.DNSChanger: TCP/IP Settings #1 (Undefined) (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer=208.67.220.220,208.67.222.222

Virtumonde: Settings (Registry key, nothing done)
HKEY_USERS\.default\Software\mwc

Virtumonde: Settings (Registry key, nothing done)
HKEY_USERS\s-1-5-21-1060284298-1580436667-725345543-1003\Software\mwc

Virtumonde: Settings (Registry key, nothing done)
HKEY_USERS\s-1-5-18\Software\mwc

Zlob.Downloader.vcd: Uninstall settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-11-04 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-07-31 Tools.dll (2.1.2.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-10-31 Includes\Cookies.sbi (*)
2007-10-31 Includes\Dialer.sbi (*)
2007-10-31 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-10-31 Includes\HijackersC.sbi (*)
2007-10-04 Includes\Keyloggers.sbi (*)
2007-10-31 Includes\KeyloggersC.sbi (*)
2007-10-24 Includes\Malware.sbi (*)
2007-10-31 Includes\MalwareC.sbi (*)
2007-10-24 Includes\PUPS.sbi (*)
2007-10-31 Includes\PUPSC.sbi (*)
2007-10-31 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-10-31 Includes\SecurityC.sbi (*)
2007-10-24 Includes\Spybots.sbi (*)
2007-10-31 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-11-01 Includes\Trojans.sbi (*)
2007-10-31 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll
ally-x
Active Member
 
Posts: 4
Joined: April 6th, 2008, 7:23 am

Re: cannot open anything

Unread postby random/random » April 10th, 2008, 5:01 pm

I am sorry to inform you that one or more of the identified infections on your system is a Backdoor Trojan.

Backdoor Trojans are the most dangerous and most widespread type of Trojan. Backdoor Trojans provide the author or "master" of the Trojan with remote "administration" of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, Backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

In addition to the Backdoor Trojans that have been identified, your computer is afflicted with multiple other infections. Although we can make an attempt to clean this machine, we cannot guarantee that it will be secure afterwards. Your best and safest course of action is a reformat and reinstallation of the Windows operating system.

If you do decide to attempt cleaning rather than a reformat, do understand that although we may be able to remove all known visible malware, we cannot guarantee that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damages it may possibly have caused to vital system files.

Please note that even if we should be successful in removing these infections from your system, it is quite possible that the changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat.

Should you have any questions, please feel free to ask.
User avatar
random/random
Developer
Developer
 
Posts: 7731
Joined: December 18th, 2005, 3:30 pm

Re: cannot open anything

Unread postby ally-x » April 10th, 2008, 5:46 pm

random/random wrote:I am sorry to inform you that one or more of the identified infections on your system is a Backdoor Trojan.

Backdoor Trojans are the most dangerous and most widespread type of Trojan. Backdoor Trojans provide the author or "master" of the Trojan with remote "administration" of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, Backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

In addition to the Backdoor Trojans that have been identified, your computer is afflicted with multiple other infections. Although we can make an attempt to clean this machine, we cannot guarantee that it will be secure afterwards. Your best and safest course of action is a reformat and reinstallation of the Windows operating system.

If you do decide to attempt cleaning rather than a reformat, do understand that although we may be able to remove all known visible malware, we cannot guarantee that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damages it may possibly have caused to vital system files.

Please note that even if we should be successful in removing these infections from your system, it is quite possible that the changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat.

Should you have any questions, please feel free to ask.


Thanks for letting me know tha bad news! I think my kids have been playing about with it, I have some photos and stuff on it, is there anyway that I can keep these or backup to save them?
Lastly what is the best way to reformat
Thanks
ally-x
Active Member
 
Posts: 4
Joined: April 6th, 2008, 7:23 am

Re: cannot open anything

Unread postby random/random » April 10th, 2008, 5:52 pm

I suggest that you save the photos and other documents to CD/DVD or other external media.

You can read about reformatting here:

When Should I Format, How Should I Reinstall
User avatar
random/random
Developer
Developer
 
Posts: 7731
Joined: December 18th, 2005, 3:30 pm

Re: cannot open anything

Unread postby askey127 » April 20th, 2008, 5:35 pm

This topic is now closed due to inactivity. If you wish it to be reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

If it has been 10 days or more since your last post, and the helper assisting you posted a response to which you did not reply, this topic will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread in your new topic.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us to reopen this topic if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 31 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware