Author Topic: Win32: Trojan-gen. {Other}? (Read 19909 times)

Eddy · « **Reply #30 on:** October 02, 2004, 03:12:34 PM »

Remove rundll.exe from the \windows\ folder and remove the entire \program files\backweb\ folder

1st one is a virus, second one is spyware.

Ruzhyo · « **Reply #31 on:** October 02, 2004, 05:18:54 PM »

I deleted Rundll32.exe also. When I choose "Customize my desktop" it says:

Windows cannot find C:\WINDOWS\rundll32.exe. YOu may have typed the name incorrectly in Run dialog, or another open program cannot find system file, click the start button, and then click search.

I know I delted it, is there any way I can replace it? xD. Sorry for all the trouble.

Eddy · « **Reply #32 on:** October 02, 2004, 05:24:48 PM »

Extract rundll32.exe from the windows cd.

start > run > msconfig > general tab > extract file
In the restore from box, browse to your windows me cd

Ruzhyo · « **Reply #33 on:** October 02, 2004, 06:06:39 PM »

Thanks, I finally got it working, lol. I selected the wrong thing to extract from. It already had the "Extract from" destination set up, so if I would have jsut hit "okay" the first time I would've gotten it right away. I tried selecting the M:\ but it wouldn't work.

THANK YOU FOR EVERYTHING!!!

Eddy · « **Reply #34 on:** October 02, 2004, 06:14:00 PM »

No problem

ciaopaty · « **Reply #35 on:** October 08, 2004, 07:21:01 PM »

I have this virus on my computer. The only thing that I could do was to move the infected files to the chest.
The files are: bi(2).dll ;bi(3).dll ; bridge.dll ; and imscan.dll

I don't know if I can simply delete these files. Please help.
Thanks.

ciaopaty · « **Reply #36 on:** October 08, 2004, 07:33:07 PM »

Logfile of HijackThis v1.98.2
Scan saved at 1:27:37 PM, on 10/8/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\system32\wfxsnt40.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\The Weather Channel\The Weather Channel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LimeWire\LimeWire 4.1.5\LimeWire.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WFXSVC.EXE
C:\Program Files\Symantec\WinFax\WFXMOD32.EXE
C:\WINDOWS\System32\wisptis.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Documents and Settings\Patricia Ribeiro.RIVER-WQ64QVEHY\Desktop\hijackthis_198\HijackThis.exe

There is more but it doesn't fit here

Author Topic: Win32: Trojan-gen. {Other}? (Read 19909 times)

Eddy

Re:Win32: Trojan-gen. {Other}?

Ruzhyo

Re:Win32: Trojan-gen. {Other}?

Eddy

Re:Win32: Trojan-gen. {Other}?

Ruzhyo

Re:Win32: Trojan-gen. {Other}?

Eddy

Re:Win32: Trojan-gen. {Other}?

ciaopaty

Re:Win32: Trojan-gen. {Other}?

ciaopaty

Re:Win32: Trojan-gen. {Other}?