sys32dll.exe possible infection - Requesting Help

Discussion in 'Malware Help (A Specialist Will Reply)' started by mpietkevich, May 10, 2009.

  1. mpietkevich

    mpietkevich Private E-2

    Hello,

    The current instructions I am fallowing were found in this users post @: http://forums.majorgeeks.com/showthread.php?p=1329292
    As I believe it is the same problem.


    Current issues leading me to believe this is the problem:
    ______________________________________________________________
    First, over the program AOL Instant Message a message was received that offered a link. the users clicked on the link.

    The computer began to slow down significantly over a few minutes.

    The users restarted the computer.

    After the start up; the computer's anti virus program(VirusScan Enterprise + Anti-Spyware Module 8.0.0(licensed)(Patch Version: 13)) displayed a "VirusScan Alert!"
    Date and Time : 5/10/2009 12:39:36 PM
    Path Name : C:\WINDOWS\system32\SYS32DLL.exe
    Detected As : New Malware.j
    State: Moved (Clean failed because the file isn't cleanable)

    Also the message appeared:

    "Command Script Icon" C:\WINDOWS\System32\SYS32DLL.exe

    "Windows cannot find 'C:\WINDOWS\System32\SYS32DLL.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

    The computer will connect to AOL Instant Messanger.

    The Computer will not connect to Internet Explorer, Mozilla Firefox.
    Displayed a "The page cannot be displayed"
    _______________________________________________________________


    I will attempt to continue with the instructions located at http://forums.majorgeeks.com/showthread.php?p=1329292

    I will then post a response to this message updating you on the current situation after attempting the instructions linked above.

    thanks, matt
     
    mpietkevich, May 10, 2009
    #1
  2. mpietkevich

    mpietkevich Private E-2

    Did not find TDSSserv.sys in Device Manager.

    -Uninstalling malware programs -

    Attempted to uninstall Ask Toolbar
    Message received after clicking "Remove":
    Uninstall
    We need to close your Internet Explorer browser windows before uninstalling the Ask Toolbar. Click Yes to close open browser windows and to uninstall the Ask Toobar.
    Yes No
    When ever I click yes the message reappears no matter how many times I click yes.

    I eventually click No
    Uninstall Failed.

    IE Host removed.
    WildTangent removed.
    Java uninstalled
     
    mpietkevich, May 10, 2009
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    As stated in the cleaning instructions you need to complete all steps and then attach the 4 requested logs. You should not be stopping.
     
    chaslang, May 13, 2009
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds