New Thread: What's yrndlcit.exe?
I posted the original of this yesterday. No, I didn't post logs, because I wasn't sure if this was the right place or not, and right this instant, I'm not sure how to go about GETting log (keep reading, I'll explain).
I searched for yrndlcit and yrndlcit.exe and found zero references... kinda surprising - is it "the" problem or something totally off the wall?
Anyway, this "yrndlcit.exe" was popping up several times a minute - I'd put it on the blacklist - but either I accidentally put it on the white list too or it managed to add itself - I was getting multiple boxes on the screen announcing that yrndlcit.exe was running because it was white listed followed by boxes announcing that it was terminated because it was blacklisted... somehow I got into the lists - don't recall what I did - and deleted the white list entry, so at least I don't see the *(&#$@ boxes anymore. But something's up - still... my desktop icons are all highlighted all the time, and the computer is slow, and it keeps kicking off IE (I use FF) and complaining about being offline (I have no intention of putting it online on my little home LAN until something is resolved - only one other computer is Windows, but...).
I saw the stickies about the procedure - S&D is running right now [ NOTE: WAS when I write the original - keep reading for results ] on the infected computer, so when it's done I'll d/l the other progs, CD them and copy onto El Sicko and run, if there's any point to it...
Here's what happened next: I went back to edit my original, and provide some more information... but, of course, you can't edit your posts here, so I replied to it (is there some other alternative?), and I got a response, which was basically "RTFM" - which I think I had indicated (see above) that I had done already - and asked to start a new thread, which I am doing right now.
The result of the S&D scan was that it found 3 instances of virtumonde in the registry and said they were fixed (which I took to mean erased). When I rebooted it, intending to hook the computer directly to the DSL and avoid infecting others on my LAN, it came up with nothing but a desktopn wallpaper - no icons, no taskbar. Ctrl-Alt-Del does bring up the Task Manager, but I'm not sure where to go next. I can get it up in safe mode (although on this Dell notebook, the screen in this mode is about half the size of the full screen and a little hard to work with).
I understand that this post, like the previous one, is in violation of the requirement to post logs from Kaspersky Online, as well as some of the following ones, but I can't GET online, which makes it a bit of a problem.
Perhaps I should start somewhere else???
Anyway, if someone can help me get past this point, I promise I'll do my best to keep to the requirements the rest of the way.
Thanks!