QUESTION: C:\WINDOWS\system32\msview

  • Thread starter Thread starter Hunibal
  • Start date Start date
H

Hunibal

QUESTION: C:\WINDOWS\system32\msview

I noticed, in this folder - full of - cracks
And litterly hundreds of them
Is this good - or - ?
 
Hunibal said:
QUESTION: C:\WINDOWS\system32\msview

I noticed, in this folder - full of - cracks
And litterly hundreds of them
Is this good - or - ?
Click to expand...

Sounds like you got a p2p worm to deal with. I'm only guessing though...

Submit one of the files in that directory to virustotal to see what some
scanners have to say about them.
 
From: "Hunibal" <[email protected]>

| QUESTION: C:\WINDOWS\system32\msview
|
| I noticed, in this folder - full of - cracks
| And litterly hundreds of them
| Is this good - or - ?
|
| --
|
| Cheers _ Hunibal _
|

Sounds like the W32/Tibick!p2p worm
You know you have the Tibick if you have %windir%\system32\svcnet.exe.


Dump the contents of the IE Temporary Internet Folder cache (TIF)
Start --> Settings --> Control Panel --> Internet Options --> Delete Files

Dump the contents of the Mozilla FireFox Cache
Tools --> Options --> Privacy --> Cache --> Clear

1) Download TrendMicro Sysclean by one of the following 2 methods

Trend Sysclean Method 1
---------------------------------------
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Create a directory.
On drive "C:\"
(e.g., "c:\sysclean")

Download SYSCLEAN.COM and place it in that directory.
Download the signature files (pattern files) by obtaining the ZIP file.
For example; lpt598.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

Trend Sysclean Method 2
---------------------------------------
Download the utility SYSCLEAN_FE at the following URL --
http://www.ik-cs.com/got-a-virus.htm
SYSCLEAN_FE automates the download and execution process of the Trend Sysclean Package.
Direct URL --
http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe

2) Download and install Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/
3) Update Adaware with the latest definitions then exit the software.
4) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
5) Reboot your PC into Safe Mode and shutdown as many applications as possible
6) Using the Trend Sysclean and Ad-aware SE utilities, perform a Full Scan of your
platform and clean/delete any infectors found
7) Restart your PC and perform a "final" Full Scan of your platform using both Trend
Sysclean and Ad-aware SE
8) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
9) Reboot your PC.
10) Create a new Restore point

* * Please report back your results * *
 
--


Cheers _ Hunibal _
David H. Lipman said:
From: "Hunibal" <[email protected]>

| QUESTION: C:\WINDOWS\system32\msview
|
| I noticed, in this folder - full of - cracks
| And litterly hundreds of them
| Is this good - or - ?
|
| --
|
| Cheers _ Hunibal _
|

Sounds like the W32/Tibick!p2p worm
You know you have the Tibick if you have %windir%\system32\svcnet.exe.


Dump the contents of the IE Temporary Internet Folder cache (TIF)
Start --> Settings --> Control Panel --> Internet Options --> Delete Files

Dump the contents of the Mozilla FireFox Cache
Tools --> Options --> Privacy --> Cache --> Clear

1) Download TrendMicro Sysclean by one of the following 2 methods

Trend Sysclean Method 1
---------------------------------------
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Create a directory.
On drive "C:\"
(e.g., "c:\sysclean")

Download SYSCLEAN.COM and place it in that directory.
Download the signature files (pattern files) by obtaining the ZIP file.
For example; lpt598.zip

Extract the contents of the ZIP file and place the contents in the same
directory as
SYSCLEAN.COM.

Trend Sysclean Method 2
---------------------------------------
Download the utility SYSCLEAN_FE at the following URL --
http://www.ik-cs.com/got-a-virus.htm
SYSCLEAN_FE automates the download and execution process of the Trend
Sysclean Package.
Direct URL --
http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe

2) Download and install Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/
3) Update Adaware with the latest definitions then exit the software.
4) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
5) Reboot your PC into Safe Mode and shutdown as many applications as
possible
6) Using the Trend Sysclean and Ad-aware SE utilities, perform a Full
Scan of your
platform and clean/delete any infectors found
7) Restart your PC and perform a "final" Full Scan of your platform
using both Trend
Sysclean and Ad-aware SE
8) Re-enable System Restore and re-apply any System Restore
preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
9) Reboot your PC.
10) Create a new Restore point

* * Please report back your results * *
Click to expand...

Thanx for your help, will try it.
 
Thanx to all the help.
Followed the instructions and it worked.
Got more disk space and a much faster system.
 
From: "Hunibal" <[email protected]>

| Thanx to all the help.
| Followed the instructions and it worked.
| Got more disk space and a much faster system.
|
| --
|
| Cheers _ Hunibal _


Fantastic !

Thanx for updating the thread.
 
Back
Top