Explorer not loading automatically

[mandeep]

i am using windows vista basic[/quote]

actually i took lots of time to download and perform scan by all the softwares prescribed in your 8 steps
here are the logs obtained
please tell wat to do next.

can u plz check my logs and tell me if there is any problem or not
thanks

actually i have disabled mcafee anti virus and installed bit defender
Should i remove mcafee or remain it disabled only?
waiting for more suggestions
thanks for ur suggestion

A couple of weeks ago I had been attacked by spyware. McAfee Security Center and Windows Defender, does not detect any spyware . The problem was that explorer.exe does not load automatically on login. This means I get my wallpaper but nothing else – no icons, no start menu, no taskbar. No task manager was there to run explorer.exe, .Then i opened i computer through safe mode with command prompt.then put the command to open explorer. Besides the fact that I don’t really want to manually jump start explorer.exe every time I log in, it makes me wonder if there is a bigger problem lurking in the background.then i saw a registry error, i made it correct but i have still many viruses in my d:/ drive like gphone.exe ,new folder.exe and many other viruses so i adopted "UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions"and logs are posted above.


anyone have any suggestions on what this might be?

Thanks!

 

[touch]

Hello mandeep

I´ll suggest you remove mcafee, using this guide:
http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS100507

Reboot, attach new hijackthis log, and tell, have you make modifications to explorer exe:
F2 - REG:system.ini: Shell=Explorer.exe

Also, are you using proxy server, or are the computer running as server ?

 

[mandeep]

yes i have made modification in shell
Earlier it was Shell=explorer.exe gphone.exe
i made it correct to explorer.exe
actually gphone.exe is a virus which is in my d drive after the attack of this virus my explorer was not opening so i opened it with command prompt and made change in registry.now explorer is working but some virus are there
i am using proxy server
thanks for your reply

THANKS

 

[touch]

Ok. Let´s dig deeper then ->

Please download combofix here -> https://www.techspot.com/downloads/5587-combofix.html

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

 

[mandeep]

comofix scan done

i have done combofix scan
log file is attached
is there any problem in registry :shell=explorer.exe
or everything is all right.?

 

[mandeep]

Also,
roxio UPnp has stopped working and closed.window will notify if solution is available.
this message always come after booting
wat should i do

 

[touch]

P2P software/programs are a major contributor to your infections.

We reserve the right to withdraw our support:
If such programs are found in your logs
Should you not agree to their removal.
As they are normally set to bypass your Firewall and Anti-Virus software
Filesharing/P2P Programs serves as a constant threat to your computer

Uninstall:
c:\program files\BitTorrent

You decide

 

[mandeep]

hi

i have deleted c:\ programfiles\bit torrent
wat about p2p i am not getting.

 

[touch]

P2p is also fileharing. Run combofix again, and attach the log it produce

 

[mandeep]

i ran combofix again and
here is a log
also photo of my d drive is attached ,in which gphone .exe is a virus and in every folder there are virus of its name
eg. in dell folder there is dell.exe

 

[mandeep]

photo

photo of d drive is attached here

 

[mandeep]

hii

have u seen virus named gphone.exe in d :/ drive

 

[touch]

Sorry, I´ve missed you

Download Flash_Disinfector.exe by sUBs from http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
and save it to your desktop.

Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.

Wait until it has finished scanning and then exit the program.
Reboot your computer when done.
Attach fresh combofix log

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

 

[mandeep]

i have downloaded flash disinfector.exe ,as u have told
but it is not showing anything on double-clicking
then i have searched autorun.inf in c:/ drive but i get 'autorun.inf.vir'(96 bytes) which is created on the date on which virus has entered in my computer.
plz tell is has virus done something ?
thnks for ur reply.

 

[touch]

I can´t tell before I see a fresh combofix log.

 

[mandeep]

then i have searched autorun.inf in c:/ drive but i get 'autorun.inf.vir'(96 bytes) which is created on the date on which virus has entered in my computer
photo is attached.
fresh combofix log is also attached
thanks

 

[o4u2sweat]

Backup data to folder on c:\ drive create a new user ( Admin access ) blow away all other profiles and logon with the new Admin profile.