Ok, I seem to have a string of problems.
1) When I try to logon, I get a message saying userinit failed to initialise
2) I have to manually start explorer.exe as a process
3) It then says rundll.exe failed to initialise
4) If I run cmd.exe, it also says it failed to initialise
5) Autoupdate becomes disabled
6) No control panel functions work
ESET has recently quarantined quite a few files. These are:
28/05/2008 8:51:25 PM Real-time file system protection file F:\Autorun.inf Win32/AutoRun.KP worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
30/05/2008 1:12:20 PM Real-time file system protection file C:\DOCUME~1\STASM~1\LOCALS~1\Temp\NERO14768\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\DOCUME~1\STASM~1\LOCALS~1\Temp\Nero-8.3.2.1_eng_trial_2.exe.
30/05/2008 2:40:21 PM Real-time file system protection file E:\Autorun.inf Win32/PSW.OnLineGames.NLE trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
31/05/2008 12:29:58 AM Real-time file system protection file C:\DOCUME~1\STASM~1\LOCALS~1\Temp\removalfile.bat Win32/Adware.Virtumonde application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\mslatest_updt.exe. Note: this one repeats many times (every time i boot)
31/05/2008 2:06:48 PM HTTP filter file HTTP 62.4.83.200/kb713501.exe?&uid=6A094B842E5511DDB3AB154928CFFFFF&rid=mm2&guid=64B4E773C8C24893A78CDD3EB17D310B&affid=154928"] HTTP 62.4.83.200/kb713501.exe?&uid=6...mp;affid=154928Win32/PrivacySet.B trojan connection terminated - quarantined STAS-NB\Stas M Threat was detected upon access to web by the application: C:\WINDOWS\explorer.exe. This seems to be that SmitFraud virus, but I can't run the smitfraudfix as my cmd.exe doesn't work
Hijack this log attached
1) When I try to logon, I get a message saying userinit failed to initialise
2) I have to manually start explorer.exe as a process
3) It then says rundll.exe failed to initialise
4) If I run cmd.exe, it also says it failed to initialise
5) Autoupdate becomes disabled
6) No control panel functions work
ESET has recently quarantined quite a few files. These are:
28/05/2008 8:51:25 PM Real-time file system protection file F:\Autorun.inf Win32/AutoRun.KP worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
30/05/2008 1:12:20 PM Real-time file system protection file C:\DOCUME~1\STASM~1\LOCALS~1\Temp\NERO14768\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\DOCUME~1\STASM~1\LOCALS~1\Temp\Nero-8.3.2.1_eng_trial_2.exe.
30/05/2008 2:40:21 PM Real-time file system protection file E:\Autorun.inf Win32/PSW.OnLineGames.NLE trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
31/05/2008 12:29:58 AM Real-time file system protection file C:\DOCUME~1\STASM~1\LOCALS~1\Temp\removalfile.bat Win32/Adware.Virtumonde application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\mslatest_updt.exe. Note: this one repeats many times (every time i boot)
31/05/2008 2:06:48 PM HTTP filter file HTTP 62.4.83.200/kb713501.exe?&uid=6A094B842E5511DDB3AB154928CFFFFF&rid=mm2&guid=64B4E773C8C24893A78CDD3EB17D310B&affid=154928"] HTTP 62.4.83.200/kb713501.exe?&uid=6...mp;affid=154928Win32/PrivacySet.B trojan connection terminated - quarantined STAS-NB\Stas M Threat was detected upon access to web by the application: C:\WINDOWS\explorer.exe. This seems to be that SmitFraud virus, but I can't run the smitfraudfix as my cmd.exe doesn't work
Hijack this log attached