Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

unknown file detected as rootkit [RESOLVED]

Started by fortune82 , Apr 07 2008 03:58 PM

  • This topic is locked This topic is locked

#16
greyknight17
Posted 27 April 2008 - 05:41 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Open up your Notepad editor (Start->Run, type in notepad and click OK). Copy and paste the text into the quotebox below:

File::
C:\WINDOWS\system32\{e5e71dae-2076-aa8a-2ed5-c0ab8973941f}.dll
Folder::
C:\Documents and Settings\All Users\Application Data\Viewpoint
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1436739e-f758-ae8a-f7eb-bed7cbf18c9c}]

Save this as CFScript.txt in the same location as the ComboFix.exe tool.
Drag the CFScript.txt into ComboFix.exe
Follow the prompts. When finished, it shall produce a log for you. Post that log in your next reply.

Note: Do not click on combofix's window while it's running. That may cause it to stall.

How is the computer running so far?
  • 0

Advertisements

#17
fortune82
Posted 27 April 2008 - 05:44 PM

fortune82

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 228 posts
Wont let me use that last one. Keeps saying installation failed.


And the PC has been running fine
  • 0

#18
greyknight17
Posted 29 April 2008 - 07:35 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Download OTMoveIt2 at http://download.blee...r/OTMoveIt2.exe
* Save it to your desktop.
* Double-click OTMoveIt2.exe to run it. (Vista users, right click on OTMoveIt2.exe and select Run as an Administrator).
* Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

C:\WINDOWS\system32\{e5e71dae-2076-aa8a-2ed5-c0ab8973941f}.dll
C:\Documents and Settings\All Users\Application Data\Viewpoint
HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1436739e-f758-ae8a-f7eb-bed7cbf18c9c}

* Return to OTMoveIt2. Right click in the Paste List of Files/Folders to Move window (under the Yellow bar) and choose Paste.
* Click the red Moveit! button.
* Close OTMoveIt2.

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Good job. Your log is clean.

To help prevent future spyware infections, read the Anti-Spyware Tutorial and use the tools provided.

Are there any problems now? If none, go to Start->Run, copy/paste in combofix /u and hit OK to remove it. You should be set to go.
  • 0

#19
fortune82
Posted 29 April 2008 - 08:00 PM

fortune82

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 228 posts
Thanks a lot!! This little infestation was particularly nasty; happened while using IE7, before I could install Firefox or any Anti-Spyware or -virus.
  • 0

#20
greyknight17
Posted 29 April 2008 - 08:51 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP