Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


The After-Effects of a Nasty Attack?

  • Please log in to reply
No replies to this topic

#1 taera


  • Members
  • 1 posts
  • Gender:Female
  • Local time:03:40 PM

Posted 21 October 2009 - 08:10 PM

Hello everyone,

I think I should start with some background info. Last Wednesday, I'd turned on my laptop (a Dell XPS M1210 running Windows XP Pro) and went out of the room for a minute or two, at most. When I came back, my entire screen was filled with notices that Symantec had tried to thwart an attack/infection. I restarted in safe mode, ran a few scans, and found this horrid _ex-08.exe program, as well as the Rogue.Security Tool malware. After a long and draining process of scan-reboot-still problems-reboot in safe mode-scan again, I think I've finally got the trouble-makers deleted or quarantined.

As of now: multiple quick and full scans with Malwarebytes', SuperAntiSpyware, and Symantec Antivirus have indicated no more nasties on my system, which makes me super-happy. The only problem is, after one of my earlier scans, SAS found a Trojan.Dropper/Sys-MS32Clod, and needed to quarantine what I assume is an infected file, C:\WINDOWS\SYSTEM32\MS32CLOD.DLL. Apparently, Windows isn't too happy about this, seeing as every time I now try to run a program, an error message comes up that reads:

programname.exe - Bad Image
The application or DLL C:\WINDOWS\system32\ms32clod.dll is not a valid Windows image. Please check this against your installation diskette.

I then have to click the "OK" button for the program to load. This is a nuisance more than anything, and still worlds better than having to deal with a virus-laden laptop, but I was just wondering if there were any way to let Windows know that Mr. ms32clod.dll has gone to the dark side and that we're better off without him. :thumbsup: Would any and all solutions involve relocating my installation disk? Or is there another way I could get a copy of the file, if it needs to be replaced?

Any help would be greatly appreciated! Thanks!

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users