1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Problem when starting up Windows XP....

Discussion in 'Malware and Virus Removal Archive' started by mats99, 2006/10/19.

  1. 2006/10/19
    mats99

    mats99 Inactive Thread Starter

    Joined:
    2006/10/19
    Messages:
    4
    Likes Received:
    0
    Hi everyone...

    New poster... but i have an issue when i start up my PC i hope someone can help me with :p

    The PC starts up.. with the desktop background and then i get the following error message (with the red circle and white cross)

    Unable to locate C:\WINDOWS\04442927.exe

    What is this saying and any ideas how i can resolve this?

    Any help is appreciated :)

    Thank You
     
    mats99,
    #1
  2. 2006/10/19
    Bill Castner

    Bill Castner Inactive

    Joined:
    2006/08/30
    Messages:
    1,980
    Likes Received:
    0
    Bill Castner,
    #2


  3. to hide this advert.

  4. 2006/10/19
    mats99

    mats99 Inactive Thread Starter

    Joined:
    2006/10/19
    Messages:
    4
    Likes Received:
    0
    Thanks Bill

    however when i perform the 1st step (CTRL+ALT+DEL) i cannot locate 04442927... the error message says 'Windows Cannot Find' so perhaps this is why?

    Mat
     
    mats99,
    #3
  5. 2006/10/19
    Whiskeyman Lifetime Subscription

    Whiskeyman Inactive Alumni

    Joined:
    2005/09/10
    Messages:
    1,772
    Likes Received:
    37
    Whiskeyman,
    #4
  6. 2006/10/19
    mats99

    mats99 Inactive Thread Starter

    Joined:
    2006/10/19
    Messages:
    4
    Likes Received:
    0
    Thanks, my problem is as mentioned above...

    A Panda ActiveScan revealed this log:

    Incident Status Location

    Virus:W32/Brontok.AN.worm Disinfected C:\WINDOWS\Ad22098\qm10563.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\WINDOWS\SY20118\ib9573.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0000.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0001.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0002.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0003.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0007.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0008.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0009.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0010.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0011.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0012.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0013.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.000\FILE0014.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Sample Pictures.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\All Users\Documents\My Pictures\My Pictures.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\All Users\Documents\My Music\Sample Music\Sample Music.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\All Users\Documents\My Music\My Music.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\All Users\Documents\SharedDocs.exe
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\Administrator\Local Settings\Application Data\dv6211500x\yesbron.com
    Virus:W32/Brontok.AN.worm Disinfected C:\Documents and Settings\Administrator\Local Settings\Application Data\jalak-932115015-bali.com
    Spyware:Cookie/Advertising Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.advertising.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.realmedia.com/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.atdmt.com/]
    Spyware:Cookie/Adtech Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.adtech.de/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.doubleclick.net/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.mediaplex.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[ad.yieldmanager.com/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.casalemedia.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[ad.yieldmanager.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.adrevolver.com/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.questionmarket.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.fastclick.net/]
    Spyware:Cookie/2o7 Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.2o7.net/]
    Spyware:Cookie/2o7 Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.112.2o7.net/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[statse.webtrendslive.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.bs.serving-sys.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.statcounter.com/]
    Spyware:Cookie/Bfast Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.bfast.com/]
    Spyware:Cookie/Tradedoubler Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.tradedoubler.com/]
    Spyware:Cookie/Hitbox Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.hitbox.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.247realmedia.com/]
    Spyware:Cookie/Hitbox Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.phg.hitbox.com/]
    Spyware:Cookie/Tickle Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.tickle.com/]
    Spyware:Cookie/PointRoll Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.ads.pointroll.com/]
    Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.bluestreak.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Program Files\OfficeUpdate11\Cabs\513881[.tribalfusion.com/]
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0000.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0001.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0002.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0003.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0004.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0011.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0014.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0015.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0016.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0017.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0018.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0027.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0028.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\FOUND.001\FILE0029.CHK
    Virus:W32/Brontok.AN.worm Disinfected C:\Recycled\Dc201.exe


    Please move the post if appropriate but the link you provide is a sticky thread, surely you would not post on this?

    Thanks again

    Mat
     
    mats99,
    #5
  7. 2006/10/19
    Christer

    Christer Geek Member Staff

    Joined:
    2002/12/17
    Messages:
    6,585
    Likes Received:
    74
    Hi mats99,
    welcome to WindowsBBS ... :) ... !

    I moved your thread to a "better place ".

    Christer
     
    Christer,
    #6
  8. 2006/10/19
    mats99

    mats99 Inactive Thread Starter

    Joined:
    2006/10/19
    Messages:
    4
    Likes Received:
    0
    Thanks Christer, any ideas what i must do next?

    Thanks :p
     
    mats99,
    #7
  9. 2006/10/19
    Whiskeyman Lifetime Subscription

    Whiskeyman Inactive Alumni

    Joined:
    2005/09/10
    Messages:
    1,772
    Likes Received:
    37
    The sticky explains what programs to run especially Hijack This. You would post the HJT log in the section that the second link goes to. Seeing as it is already moved downlaod and run Hijack This as outlined in the first link then post the log in this thread.
     
    Whiskeyman,
    #8
  10. 2006/10/19
    TeMerc

    TeMerc Inactive Alumni

    Joined:
    2006/05/13
    Messages:
    3,226
    Likes Received:
    4
    Yes please do as Whiskyman has instructed, we need to see what else may be on the system

    The 'Found' related files are likely due to some type of back up application. I found na explaination by fred Langa:
    Looking forward to helping you remove the other bits of malware on your system as there are a couple to get.
     
    TeMerc,
    #9

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...