Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP ME REMOVE THIS!


  • Please log in to reply

#91
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Sigh. Can you upload C:\WINDOWS\system32\Microsoft\security\services.exe at http://www.virustotal.com/

Copy and paste the scanresults into your next post.
We will need to establish which scanners we can use.

Regards,
  • 0

Advertisements


#92
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
It wouldn't let me copy it, so I typed it out.

AntiVir - No virus found
Avast - Win32:Trojan-gen. {UPX!}
AVG - Backdoor.Generic.SQQ
Avira - no virus found
BitDefender - Backdoor.Mosv.A
CAT-QuickHeal - no virus found
ClamAV - Trojan.Mosucker-5
DrWeb - Backdoor.Mosu
eTrust-Iris - no virus found
eTrust-Vet - no virus found
Fortinet - W32/MoSucker.V07-bdr
F-Prot - security risk named W32/Backdoor.DGH
Ikarus - Backdoor.Win32.Mosucker.07a
Kaspersky - Backdoor.Win32.MoSucker.07a
McAfee - no virus found
NOD32v2 - Win32/MoSucker.07
Norman - no virus found
Panda - Bck/Sink.A
Sophos - no virus found
TheHacker - Backdoor/MoSucker.07a
VBA32 - Backdoor.Win32.MoSucker.07a
  • 0

#93
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Excellent. It shows that McAfee indeed doesn't know it.

I suggest you download a free trial of Nod32
Download the correct version for your system ( probably NOD32 for Windows NT/2000/2003/XP - Version 2.5 nentenst.exe ) here:
http://www.nod32.com...nload/trial.htm

Install NOD32 as an on demand scanner and do a full system scan.

Post back with a new HijackThis log when you are done.

Keep us posted.

Regards,
  • 0

#94
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Sorry I havent been posting, my internet was off for a couple of days.
I did as you asked, but I have a problem. I cant open some of the programs on my desktop, it asks what program I want to open it with, and when i open it with the right program it says its not a win32 application.When I go to turn system restore on it says "C:\Windows\system32\rundll32.exe Application not found". Please help me fix this, and here is my log.

Logfile of HijackThis v1.99.1
Scan saved at 12:42:59 PM, on 11/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\walt and robin\My Documents\My Music\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
O2 - BHO: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Big Fish Games Toolbar - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - C:\PROGRA~1\BFGTOO~1\BFGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [explorer] C:\WINDOWS\system32\Microsoft\security\services.exe
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.kaspersky.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1113234282218
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD862C3D-3B92-47B7-92A4-A2D77590B106}: NameServer = 69.72.11.13 69.72.11.2
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

Edited by SATAN[sS], 25 November 2005 - 11:49 AM.

  • 0

#95
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Please find:
C:\WINDOWS\system32\dllcache\rundll32.exe and copy (not move) it to the
C:\Windows\system32 directory.

Then try again.
Let nme know the results of the NOD scan.

Regards,
  • 0

#96
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
C:\WINDOWS\system32\dllcache\rundll32.exe wasnt there but i found it inside of the C:\Windows\system32 folder.
  • 0

#97
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Click Start > Run and copy & paste this command:
RunDLL32.EXE shell32.dll,Control_RunDLL sysdm.cpl,,4
then click OK.

Let me know what happens.

Regards,
  • 0

#98
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
I entered the command and it asked me what program I want to open it with.
  • 0

#99
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
I have no idea what has happened to your computer. :tazz:

I think it would be advisable to start over.
Backup the files you want to keep and repair XP as described here:
http://www.geekstogo...p?showtopic=138

Regards,
  • 0

#100
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
I don't have the XP cd to repair my computer. :) :tazz:
  • 0

Advertisements


#101
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
How was Windows installed on the computer?
Did you buy it pre-installed?

If so, did it come with Restore CD's ?

Regards,
  • 0

#102
SATAN[sS]

SATAN[sS]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
It was pre-installed and never came with the discs.
  • 0

#103
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Is there any chance you can get the CD's ?

Or borrow a CD that has the correct version from someone. If you have your own product key we can still use those.

Note: if you did not get the product key it's time to make some noise to the person that sold you the computer

Regards,
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP