suspicious.mh690.a

View previous topic View next topic Go down

suspicious.mh690.a

Post by victim02468 on Fri Nov 27, 2009 5:15 am

hi. i recently received multiple notifications from norton saying it blocked a certain suspicious.mh690.a which coincided with a incredibly reduced speed and performance of my computer upon installation of a certain guitar pro 5 program. when i checked the task manager to see what's going, a cmd.exe, two rundll32.exes, and three iexplorer.exes were running. also, there was a svchost.exe that was running with more than 100,000 K. i tried to repeatedly end their process trees and to a certain extent, contained the running of programs without my consent while i look for a way to fix it. i already uninstalled the program which caused the problem, stopped the system restore in services, unchecked the newly created tasks to run regedit upon startup (which kept coming back unceremoniously, by the way), and set the security options of internet explorer to high. i cannot perform simple file transfer procedures like copying and pasting to another directory, and all the icons in my taskbar are gone now, except for volume. i'm thinking of installing nod32, spybot s&d, spywareguard, spywareblaster which i got from:

[You must be registered and logged in to see this link.]

that led me to:

[You must be registered and logged in to see this link.]

i downloaded hijackthis, but i can't seem to be able to make it work. it says that i may not have the appropriate permissions to access the item. due to my paranoia, i still haven't rebooted my pc yet because i think the virus will settle and become more difficult to remove.

please help me.. *sad face*

victim02468
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2009-11-27
OS OS : XP
Points Points : 25663
# Likes # Likes : 0

View user profile

Back to top Go down

Re: suspicious.mh690.a

Post by Belahzur on Fri Nov 27, 2009 10:20 am

That topic I helped with is old, more of our more commonly used tools can catch these easily now, and that Gulden is also old, it wouldn't put up much of a fight either.

Please download SystemLook from one of the links below and save it to your Desktop.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code:

    :filefind
    scecli.dll
    netlogon.dll
    eventlog.dll
    cngaudit.dll

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum