Unable to see files in WINDOWS\system32 - why?

[Turkbear]

Hi,
Could the file name be
LogonUI.exe?

If so, try some of the ideas in these search results:

http://www.google.com/search?hl=en&...vwUoAQ&q=logonui.exe&spell=1&biw=1680&bih=917

To Paraphrase:"The Help you get is proportional to the Help you give.."

 

[BadBigBen]

1. the files are hidden due to malware...
2. that file is the culprit... it hides itself from the AV...

it may be a pretty new strain of malware, as I can't find anything on the net about it...

I would suggest either:

1. create a BartPE with a malware scanner (updated) onboard, then boot with that CD and scan the PC...

2. download MalwarebytesAntiMalware, on a CLEAN PC, then transfer that file to a USB stick... now boot up the affected PC into SAFEMODE (with NETWORKING for updating the database), insert the USB stick and install the above program and let it do a full scan, DELETE anything it finds...

now, most likely the mother file of the malware hides in the DEFAULT USER Profile, navigate to that location and search (going through any of the FOLDERS) and look for EXE's (there should be NONE) and delete these... more to come later, e.g. how to unhide the files, etc...

if you think that it may be too much to do, then I can only suggest that you boot the system up with a BartPE CD, and transfer your DATA (sanning them as you transfer them) to a USB HDD (or scan them later), then proceed to do a clean install of XP (also would suggest to FORMAT the C: drive)...



Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"

 

[DrB0b]

I would advise a scan with Malwarebytes and a second AV just to see if it picks anything else up, either Avast or Microsoft Security Essentials I would recommend.

Link to Malywarebytes:

http://www.malwarebytes.org/

Link to MSE:

http://www.microsoft.com/en-us/security_essentials/default.aspx

"Silence is golden, duct tape is silver...

 

[linney]

You might like to give this a try first if you are happy with the instructions on site. Don't worry about the Linux side of things, you are only interested in the malware removal offered via the emergency boot CD.

Avira presents a FREE data recovery rescue CD

http://www.avira.com/en/support-download-avira-antivir-rescue-system

 

[allisland]

after you clear out the malware, google unhide it!

 

[Einstein47]

Thanks everyone for your suggestions.

I found that on the left panel (if you are NOT in folder view) there is a link/option to hide or show the contents of the folder. Clicking that made everything visible. [blue]First - whew[/blue]

Then I got the latest Malware-bytes, and during its first scan, I got a blue screen of death. [red]First - ouch![/red] So I rebooted and then my PC said it couldn't find a bootable disk [red]Second - ouch![/red] So I shut it down and stomped around the house for an hour being all angry, then I booted up to bios and checked my PC Health (the temp and fans - I had a fan go out last month and my PC was overheating). Everything looked good so I tried it again. This time it booted [blue]Second - whew![/blue]

Ran a new scan with Malware-bytes and it "encounted an error and needs to close - click here to tell Microsoft about this". But I did a major scan with Comodo, and didn't find anything. Maybe Comodo doesn't play nice with Malware-bytes? This PC is over 5 years old so I know I am pushing the limit on hardware expiration. I just don't have to money to invest in anything new right now (you know?)

So - I'll keep an eye on it, but otherwise - thanks everyone for helping out!

Einstein47 (Starbase47.com)
“PI is like love - simple, natural, irrational, endless, and very important“

 

[BadBigBen]

I've run MalwarebytesAntiMalware (MBAM) on a multitude of systems, including those protected by Comodo Antivirus/Firewall software... so there is NO incompatibility...

reasons as to why a program crashes, can be a multitude of reasons, but I found that most are either due to RAM issues (old, overheating, etc.) or HDD corruption of files that said program may need/uses...

anyway, you are definitely heading for a major problem, if the system overheats... I would at least do a back-up of your personal data (pictures, emails, etc.) to an external USB drive or onto a DVD, and that on a regular basis, in case your system decides one day NOT do boot up at all (or your HDD does go SOUTH)...

Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"