Strange behaviour , started with "file.exe" appearing on the desktop

[dieselmb]

Two days ago a desktop ikon appeared:"file.exe". I learned that it is
a trojan. It would not go away. I went to safe mode, installed and
ran "Autoruns", but it froze. I removed file.exe finally using
filesearch.
Since than when I right click on a desktop ikon, the desktop goes blue
for a minute and than changes back, but the ikons at the bottom right
dissapear.
My malware and antivirus programs became corrupt. AT&t Online
Protection (Antispy and Antivirus), Adaware and AdWatch froze. I
reinstall the last two, AT&T online protection will not re-install
(freezes on install). Adaware came up clean and Spybot found
"smithfraud", "win32.Agent.azk" and "alexa related" and removed these
registry keys.

 

[Dave Patrick]

Sounds like it's time for that clean installation.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

 

[Guest]

Two things.
First, download and run HijackThis. It has to places that you are interested
in. The main screen that comes up, run a scan and it will show you most of
what is starting and from where. Remove any entries and rescan. If the
entries come back, make a note of them.

Second go to the Config screen then misc tools and run the generate startup
log.
This should give you clues of other items of interest.

If you Virus program isn't working, download Grisoft AVG and update it, then
run it.

Sounds like it's time for that clean installation.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

Two days ago a desktop ikon appeared:"file.exe". I learned that it is
a trojan. It would not go away. I went to safe mode, installed and
ran "Autoruns", but it froze. I removed file.exe finally using
filesearch.
Since than when I right click on a desktop ikon, the desktop goes blue
for a minute and than changes back, but the ikons at the bottom right
dissapear.
My malware and antivirus programs became corrupt. AT&t Online
Protection (Antispy and Antivirus), Adaware and AdWatch froze. I
reinstall the last two, AT&T online protection will not re-install
(freezes on install). Adaware came up clean and Spybot found
"smithfraud", "win32.Agent.azk" and "alexa related" and removed these
registry keys.

 

[Dave Patrick]

Thanks, mine is working fine.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

 

[dieselmb]

Thanks, mine is working fine.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]http://www.microsoft.com/protect

:

Two things.
First, download and run HijackThis. It has to places that you are
interested
in. The main screen that comes up, run a scan and it will show you most of
what is starting and from where. Remove any entries and rescan. If the
entries come back, make a note of them.

Second go to the Config screen then misc tools and run the generate
startup
log.
This should give you clues of other items of interest.

If you Virus program isn't working, download Grisoft AVG and update it,
then
run it.- Hide quoted text -

- Show quoted text -

Found the culprit: msdndr.pif
Disguised with the MSDOS icon. What clued me was that it is not
authored by Microsoft. The hidden program is in the system start-up
menu. Installs msdndr.sys in winnt\sys32.
I used AUTORUNS in safe mode to delete the registry entry and the
driver file was only found by File Search.
It will not let you delete any *.exe files and hides all system files,
no matter what the settings are.
It also corrupted my anti virus program and prevented download and re-
install