Virus gone so is Windows explorer...

[niemiro]

Well if your certain then i'm most willing to completely destroy anything that still resides here!
I'm already glad i have my desktop back!

But what exactly are you thinking of?

Well, I cannot be certain. There may be nothing. I just think that we may as well check. I have called in the expert (Jacee)

 

[Jacee]

Hi ranter, download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.

Save any unsaved work. TFC will close ALL open programs including your browser!
Right-click on TFC.exe and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB). Before running, it will stop Explorer and all other running apps. When finished, if a reboot is required the user must reboot to finish clearing any in-use temp files.
TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail. TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.

Next, Please download OTL[/url] to your desktop.

Double click on the icon on your desktop.
Click the "Scan All Users" checkbox.
In the custom scan box paste the following:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s

Push the Run Scan button.

Two reports will open, copy and paste them in your next reply.
OTL.txt <-- Will be opened
Extra.txt<--Will be minimized

 

[ranter]

ok i got the tfc downloaded to my desktop but the link of the OTL one isn't right. Tried to correct it but it couldn't find server.

So if you could fix that then i can clean my computer!
And once again i'm thanking everyone who helped me here!

 

[Jacee]

This should work http://oldtimer.geekstogo.com/OTL.exe

 

[ranter]

Alright well i got the results here. in the attached files.

And i want to say again major thanks to everyone you really helped me getting my computer back without losing something!!!

 

[Jacee]

Please download exeHelper to your desktop.
Right-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)

 

[ranter]

Alright i ran it.
Pretty deep scans and all!!

 

[Jacee]

Not showing anything .... One more thing to check,
I'd like you to scan your machine with ESET OnlineScan

1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
   ESET OnlineScan
2. Click the
   
   button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. Click on
      
      to download the ESET Smart Installer. Save it to your desktop.
   2. Double click on the
      
      icon on your desktop.
4. Check
   
5. Click the
   
   button.
6. Accept any security warnings from your browser.
7. Check
   
8. Push the Start button.
9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
10. When the scan completes, push
    
11. Push
    
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12. Push the
    
    button.
13. Push
    

 

[ranter]

Well it took me about 2 hours but i scanned it!

It did found 4 viruses wich i'm glad it did!

 

[Jacee]

Now i know i can still put alot of stuff on my HD (dunno about a backup though) and then reinstall, but the thing is that i have alot of music i produced on it with certain configurations that i just can't afford to lose.

C:\Users\Timo\Documents\Cubase.4\CRACK\Patcher.exe probably a variant of Win32/TrojanDownloader.Agent.CYVFHAJ trojan cleaned by deleting - quarantined
C:\Users\Timo\Downloads\Cubase Studio 4 (Incl.Working.Fix)\Cubase.4.rar probably a variant of Win32/TrojanDownloader.Agent.CYVFHAJ trojan deleted - quarantined
C:\Users\Timo\Downloads\Cubase Studio 4 (Incl.Working.Fix)\Cubase.4\Cubase.4\CRACK\Patcher.exe probably a variant of Win32/TrojanDownloader.Agent.CYVFHAJ trojan cleaned by deleting - quarantined
C:\Windows\System32\hlp.dat Win32/Bamital.DZ trojan cleaned by deleting - quarantined

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Some of the recent infections can turn your machine into a doorstop. It's also very important to avoid any "cracks" or "Keygens" that allow unauthorized use of programs. Besides being illegal, these files also are loaded with "planted" malware