• Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About bag06a

  • Rank
  1. Hey everyone, I have a problem here and hopefully some of you have some insight. I was recently infected by a couple malicious items so I ran ad-aware to remove them. Ad-aware did it's job in finding and removing them, but I had some bad consequences. Upon rebooting it did a boot clean (which I will post the log of at end of post) and then resumed loading windows. When windows was finished loading and I logged on I was unable to run most programs. Worried that maybe not everything was removed I tried to open ad-aware....nothing opened. I then tried to load firefox....same thing, nothing; IE....nothing. After trying a few things and none of them being successful, I restored my computer to an earlier point in time. Doing so fixed the problem, but the malicious item returned as well. So I again ran ad-aware, it found items, I removed them, it did the boot clean, and bam same problem again. This time I noticed a pattern, the only programs I couldn't load were 32 bit. I am running windows 7 pro 64 bit (thank God they included a 64 bit version of IE!). It seems that ad-aware (or the virus essentially) may have attached itself to the WOW64 emulator. Problem is that I dont know how to fix that (and hopefully it doesn't involved a complete restoral of windows or my hard drive). Any of you have any suggestions? ----Boot clean logs---- Log 1 [quote][~] Cleaning started at 2010-11-20 14:06 [~] Preparing to execute queued commands [~] Deleting file: C:\Users\Ben\AppData\Local\Temp\xcnosrmeaw.exe [~] Deleting file: C:\Users\Ben\AppData\Local\Temp\narxcwmeso.exe [~] Deleting file: C:\Users\Ben\AppData\Local\Temp\\drqueue-setup_0.63.2.exe [~] Deleting file: C:\Users\Ben\AppData\Local\Temp\wrnecsmaxo.exe [~] Finished processing queued commands[/quote] Log 2 [quote][~] Cleaning started at 2010-11-23 13:36 [~] Preparing to execute queued commands [~] Deleting file: C:\Users\Ben\AppData\Local\Temp\\drqueue-setup_0.63.2.exe [~] Deleting file: C:\Program Files (x86)\drqueue\bin\drqman.exe [~] Deleting file: C:\Users\Ben\Downloads\ [~] Deleting file: C:\Windows\Temp\itev.tmp\setup.exe [~] Finished processing queued commands[/quote]