Please help! Had Defender virus warning - Now desktop icons have vanished!

Reluctant_spender

A few new files there;

1.
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

1. Download the latest version of Java Runtime Environment (JRE) Version6 and save it to your desktop.
2. Scroll down to where it says "Java Runtime Environment (JRE)6 Update 11...allows end-users to run Java applications".
3. Click the "Download" button to the right.
4. Select your Platform: "Windows".
5. Select your Language: "Multi-Language".
6. Read the License Agreement, and then check the box that says: "Accept License Agreement".
7. Click Continue and the page will refresh.
8. Click on the link to download Windows Offline Installation and save the file to your desktop.
9. Close any programs you may have running - especially your web browser.
10. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
11. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
12. Click the Remove or Change/Remove button.
13. Follow the onscreen instructions for the Java uninstaller.
14. Repeat as many times as necessary to remove each Java version.
15. Reboot your computer once all Java components are removed.
16. Then from your desktop double-click on jre-6u10-windows-i586-p.exe
17. Follow the on screen instructions to install the latest Java version.

Reluctant_spender

Run a kaspersky log - this will take awhile but should show all infected files;

Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
• After the files have been downloaded on the left side of the page in the Scan section select My Computer
• This will start the program and scan your system.
• The scan will take a while, so be patient and let it run.
• Once the scan is complete, click on View scan report
• Now, click on the Save Report as button.
• Save the file to your desktop.
• Copy and paste that information in your next post.

paddywak

Will try this no. Thanks v much. Don't know what am doing but will try anything. Will return when finished this task.
Thanks

paddywak

Sorry again reluctant spender which should I do first the Jave or the kaspersky log?

Reluctant_spender

Go for the Java - yours is an old version and could be exploited.

aliEnRIK

Im thinking the problem are these ~
O4 - HKUS\S-1-5-19\..\Run: [wajaligufa] Rundll32.exe "C:\WINDOWS\system32\teruvobi.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [wajaligufa] Rundll32.exe "C:\WINDOWS\system32\teruvobi.dll",s (User 'NETWORK SERVICE')

Lets see how the scans go first though

Id also suggest uninstalling 'threatfire' Paddy (It came with PCTOOLS which I did ask to untick)

aliEnRIK

Reluctant_spender wrote: »

This line does not look to clever, very little found.

O20 - AppInit_DLLs: c:\windows\system32\redivipo.dll c:\windows\system32\hugeloko.dll,C:\WINDOWS\system 32\kugatugi.dll

Think id agree with your assumption there Reluctant

Reluctant_spender

Can you throw in a add/remove list and start up list too when you have completed the above.

1.
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.
More information with a screenshot, can be found here.

2.
Run HijackThis.
Click on Open the Misc Tools Section.
Then press Generate StartupList log, making sure that both boxes next to it are checked.
Select Yes at the prompt.
A Notepad file will open, and will automatically be saved in your HijackThis folder.
Paste this log in your next reply.
More information with a screenshot, can be found here.

paddywak

I've installed the Java do I now do the kaspereky log or Add/remove programs or both now?
I'm not that good at this so really appreciate all this help. Thanks

Reluctant_spender

sorry - Kaspersky first, then add/remove and then start up.