Please help! Had Defender virus warning - Now desktop icons have vanished!

redmandarin

Hi, I'd been having slow start up problems, so I replaced my firewall (Zone Alarm) with Sunbelt. I also uninstalled Spybot and replaced it with SpywareDoctor, (as Martin says he personally prefers it)!

I'll get back to you as soon as MalwareBytes has completed the scan!

redmandarin

Here's the log file:

Malwarebytes' Anti-Malware 1.31
Database version: 1494
Windows 5.1.2600 Service Pack 3
12/12/2008 21:08:48
mbam-log-2008-12-12 (21-08-48).txt
Scan type: Full Scan (C:\|)
Objects scanned: 131627
Time elapsed: 2 hour(s), 16 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad:
(C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\XXXXX\LOCALS~1\Temp\init.exe) Good: (userinit.exe) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

aliEnRIK

redmandarin wrote: »

Hi, I'd been having slow start up problems, so I replaced my firewall (Zone Alarm) with Sunbelt. I also uninstalled Spybot and replaced it with SpywareDoctor, (as Martin says he personally prefers it)!

I'll get back to you as soon as MalwareBytes has completed the scan!

Sunbelt can create even more problems on some computers
Id suggest PCTOOLS firewall (fastest around)

And I personally cant stand the free version of SpywareDoctor
Id suggest reinstalling SPYBOT (But have the 'tea timer' mode switched off), and use it to IMMUNISE and SCAN
And id install SUPERANTISPYWARE to check for spyware problems (Doctor is HIGHLY limited in what it will remove)

redmandarin

Thanks, aliEnRIK,

I installed SuperAntiSpyWare yesterday, on the advice of Browntoa (no probs found), and I'll scan regularly with it, from now on. Maybe it'd be a good idea to change the firewall and go back to Spybot - with different people's personal preferences and recommendations, I'm never sure what to do for the best!

I'm a bit wary of downloading HiJackThis, as it looks as though I may not be knowledgeable enough. According to the malware sticky "You should only use HijackThis if you have advanced computer knowledge or if you are under the direction of someone who does. Improper usage of this program an cause problems with how your computer operates".

I'll have some spare time tomorrow afternoon. Please can anyone help me out with this?

aliEnRIK

Dont worry about the HIJACK program
all your going to do is SCAN with it and post the log
ie ~ your not doing anything that will effect your computer in ANY way

MikeWhitehead

Yea, don't worry about downloading it. If you post the log here, someone can then look over your log and see if there's anything there that shouldn't be.

Browntoa

you can trust me to only highlight the stuff to remove from Hijackthis

redmandarin

Thanks for your reassurances and offers of help, guys! Much appreciated!

I'll switch on my pc now and download HiJackThis. Do I need to do it in safe mode?

I'll post the logfile asap. Watch this space!

Browntoa

ready when you are

redmandarin

Thanks Browntoa!

Do I need to scan in safe mode?