Problem opening HDD after a fresh install

**gt_killa** · 2009-02-06 04:47

I just reinstalled a fresh copy of windows XP Pro on my computer. I have a HDD ~300 GB so I divided them into 2 HDD: 80GB & 220GB. The 220GB is to store files and such while 80GB is just programs. I installed XP on the 80GB. When I tried to access both drive from "My Computer" I get an Error Message:

"Windows cannot find
RECYCLER\S-2-9-65-100024093-100001027-100001089-9560.com.Make sure you typed the name correctly, then try again. To search for a file, click Start button, and then click Search."

Does anyone know what is this and how to fix this? I installed the same copy on my parents computer and it works fine. This is the first time something like this pop up.

**Kohan** · 2009-02-06 05:39

Try running this program:

Autorun Eater - Free software downloads and reviews - CNET Download.com

Does it detect anything suspicious?

**gt_killa** · 2009-02-06 05:47

Hi Kohan!

Thank you~
Yea it detects something suspicious. Here's the screenshot.

Spoiler: show

It detects in both of the HDD. Do you know what is it? Should I do a spyware/virus scan?

**Kohan** · 2009-02-07 03:05

Try removing that on both HDDs, then see what happens.

You may not necessarily have a virus infection or anything like that. However, it won't hurt to follow up the bad autorun.inf deletion with a MalwareBytes and/or Avast! Anti-Virus scan.

**gt_killa** · 2009-02-08 02:50

I removed them and was able to access my HDDs! Works like a charm! Thank you very much!!

However MalwareBytes detects an infection call "iamfamous.dll" I tried to remove it but I don't think it's gone completely because I plugged in my USB and shortly after I got the same Error Message that I got with the HDDs, and lost my account on RS as well.

**Kohan** · 2009-02-08 05:15

All right. This is going to scare you, and I apologize, but iamfamous.dll is a part of an extremely dangerous rootkit that has caused people to lose very essential information, including their bank account data. Though I'm only a random face over the internet, I implore you to trust me on this, as I'm not going to bullshit someone over something so serious.

If you do any internet banking or have credit card information stored on your computer, I advise that you call your banks and inform them that your information could have been compromised. If you do not use internet banking then you obviously don't need to worry about this.

Your USB drive (as I'm assuming that's what caused this to happen, since you said you "plugged in your USB") must be infected by something that's running and replacing itself. Viruses that are severe will rapidly infect any running applications and other forms of executable files they can launch themselves from, so that is probably what happened here -- you contracted the virus from the internet and now it's all over the place.

Here is a forum discussion that's quite thorough about the virus:

Iamfamous.dll - The Elder Geek on Windows XP

If you need to ask more questions, first follow the instructions there, then post things (like a HijackThis log) here.

**gt_killa** · 2009-02-13 22:09

Thanks for your help and informative warning!

I followed the steps and all the scans are giving me no threats found! Thank you very much!

**Kohan** · 2009-02-13 22:11

Congrats on getting rid of it, and glad to help.

If you don't already, you should have Avast! Anti-Virus installed on your machine (or another good anti-virus) and running, and a spyware blocker -- like Spybot Search & Destroy -- would be good, too.

**gt_killa** · 2009-02-19 14:48

Yea I have them installed on the comp already! I use Kaspersky for Antivirus. Thanks for the tips!

I have one more question. I went to work last night and probably my sister used the computer while I was gone, when I came back and check I saw 2 strange things on the Start up list.

1.uvuzofuqoqiwogij.dll
2.blepilitaciwiwa.dll

Do you know what they are? I've never heard of anything like this. Below is a screenshot I took.

Spoiler: show

HIJackthis Log

Spoiler: show

**Kohan** · 2009-02-19 16:25

If you're getting these viruses despite using a powerful program like Kapersky, my guess is that someone is either turning it off or deliberately ignoring warnings, as they're installing things that do contain viruses. Those are both rubbish files caused by an infection.

There is an actual authentic Rundll32, but those aren't it, that's for sure. There are a few possibilities as to what this one could be:

W32.Miroot.Worm | Symantec
Backdoor.Lastdoor | Symantec
Trojan.StartPage | Symantec

Do any of those help you? It might be something else, but those are among the viruses that disguise themselves this way. These are the kind of viruses that root themselves in the depths of your system and keep reinstalling themselves (which is why Google won't show you anything if you put in those DLL names -- they're randomly generated).

**gt_killa** · 2009-02-19 18:39

Ah I see... Nowonder I couldn't find any information on it through Google. I tried to remove it with HiJackthis but it still comes up after a re-scan. Do you think it'd be best to have a fresh install again?

**Rikaku** · 2009-02-19 19:24

Hello,

Before you reinstall windows, Download Process Explorer It will give you more info on what is running on your system.

It sounds like there is a service running on your system or a process remaking the dll files.

**Kriz** · 2009-02-19 22:50

ComboFix, then you'll scan clean. Those random garbage letters.dll and stuff are always a pain, but CF will get it clean in 20mins or so.

MalwareBytes rocks, but for rootkits it misses many pieces or doesn't remove them completely. ComboFix fills that gap for the other 99% of rootkits. So far, I've only ever had one instance where I needed more than MB and CF.

Edit:That's a cute program for autorun.inf, thanks for posting it

**gt_killa** · 2009-02-27 21:50

All done and done! the comp is 100% clean! Thank you everyone for the help! =]

**Kohan** · 2009-02-27 22:07

You're welcome. Now make sure nobody messes with your virus scanner!

**gt_killa** · 2009-02-28 01:57

Haha will do!

Thread: Problem opening HDD after a fresh install

Thread Tools

Problem opening HDD after a fresh install

Similar Threads

Problems opening up FFXIV.

Windows 7 Ultimate Fresh Install

Problem opening POL/FFXI with vista

odd problem cpu/hdd?

Problem installing XP

Annoying problem when opening files.

PS2 HDD swapping / Installation Question

Latest Threads

Up & Coming Threads

Hottest Threads