Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

System Slowdowns


  • Please log in to reply

#16
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Not really. You closed both the doors that led back.

Un- and Re-install the MicroSoft .net Software if you think that is what got damaged.

Regards,
  • 0

Advertisements


#17
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
How do i uninstall and reinstall it ?

where do i reinstall it from ?

What does the microsoft.net passport do ?

Thanks :tazz:
  • 0

#18
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Under Add/Remove Software there should be an entry for MicroSoft .Net Framework and related Software.

If you don't see it straight away try the Add/Remove Windows Components option.

Regards,
  • 0

#19
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
what exactly does the .net thing do ?

is it absolutely essential ?

thanks :tazz:
  • 0

#20
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Hard to decide for someone else. It may be necessary for logging in at certain sites (like Hotmail) once it has been installed.

Regards,
  • 0

#21
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
Thanks For Your Help.

I Have something worse than this now :

I was looking through the Windows And System 32 files and found a suspicious file. I decided to google it and I have a Backdoor,

The name of the file is Conime and I really dont know where to go from here.
  • 0

#22
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Can you tell me the full path and name of the file, where you found it was a backdoor and which scanner you used to confirm your suspicions?

Regards,
  • 0

#23
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
Sorry im not sure how to find the full path. Its in the Windows-System32 folder and that may help.

I googled it and it seems to be a backdoor its called conime and is a RAT. It is 27 kb in size.

No Virus scanner found it.
  • 0

#24
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
OK. So the Full path is C:\Windows\System32\conime

and you believe it's http://www.liutiliti...library/conime/

- Is it a running process?
- Did you check if it actually is an .exe file?
To view these extensions for all files in Windows Explorer, choose Folder Options from the Tools menu, click the View tab, and clear the check box next to "Hide file extensions for known file types."
- Did you upload the file here: http://virusscan.jotti.org/ ?
Let me know the results when you do?
- Are there any other files pointing to this infection?
Regsys.vxd
Service.dll
This backdoor was created in 2002 Any scanner not recognizing it now would not be worth the electrons used to download it.
Note there is also a Windows file with that name and extension:
The version tab of the latest would read: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)


Regards,
  • 0

#25
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
I cant seem to upload it for some reason. And another thing it seems to be a Microsoft Corp file . Sounds legitimate.

:tazz:

Oh yes just out of curiosity do you know what cmdial32.dll is ?

Edited by cleverboy12, 25 September 2005 - 02:04 PM.

  • 0

Advertisements


#26
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
Check the version number I gave you.

Same method applies for cmdial32.dll
There are two versions of the file Cmdial32.dll for 32-bit versions of Windows XP. Each of these files is specific to a service pack version:
• 7.2.2600.1621 will be installed on computers running Windows XP SP1
• 7.2.2600.2606 will be installed on computers running Windows XP SP2

http://support.micro...kb;en-us;893609

If it does not meet the specifications listed there, it is worth a second look, since there is also a dialre using that filename:
http://www.sophos.co...dialsevera.html
  • 0

#27
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
yeah mine is legitimate microsoft service thankfully :tazz:

Even if i did have a dialer it ouldnt dial anything because im connected through broadband and not connected to the phone.

Anyway enough about diallers.

Once again i would like to thank you for all your help :)

I have run ewido scan AVG scan and loads of other scans and my system is clean but i just think that there is something suspicious because something is accessing my hard drive too often even when im not active on the computer. My firewall logs have some chinese telecommunications company through inbound UDP and TCP.

Is there a way to be certain that my system is clean ?
  • 0

#28
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts

Is there a way to be certain that my system is clean ?

View Post



100% sure. No way.

99% sure. In your case, I dare to give you that.

Regards,
  • 0

#29
cleverboy12

cleverboy12

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 687 posts
Ok another thing i was a little curious and did a test with Dr something (forgot now sorry ) it found a trojan in the registry which i am aware of and have disabled from running and have deleted all the realted files from however it remains in the Reg. Im not sure about removing it incase it manages to get back in which i wouldnt imagine would happen.
  • 0

#30
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,671 posts
You'll have to povide more data then that, for me to be able to help you.

Regards,
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP