Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Xp System32 Cleanup...


  • Please log in to reply
1 reply to this topic

#1 Northface22

Northface22

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:43 PM

Posted 17 October 2005 - 11:57 AM

Hello. I am a new member with a couple of questions:

Having spent most of yesterday--Oct. 16--recovering from that nasty Spy Sheriff trojan by running my anti-spyware programs as well as deleting the relevant invaders from my Norton's quarantine log, I noticed today that the System32 file folder still has a few remnants from yesterday's assault, namely application files such as:

vxgame4
vxgamet1
vxgamet3
vxh8jkdq2
vxh8jkdq6
vxh8jkdq7
kernels32
acc42

and a few oddball files created on the same date which may or may not be associated with the aforementioned application files, namely:

chp.dll application extension
chp32.dll application extension
41 DL_file
vx.tll TLL file

The four above may be "innocent bystanders", but since they appeared on the same date, I don't know if I should delete them from the System32 file folder along with the rest--that is, if you recommend I do so and by the usual right-click, delete method?

While I'm at it, my msconfig startup screen still includes the trojan vxh8jkdq2 although I've removed the tick from the check box next to it to deny it entry. Can I completely remove this little bugger from the msconfig startup screen safely and easily, or should I just leave it there?

Thanks in advance for your advice.

BC AdBot (Login to Remove)

 


m

#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:10:43 PM

Posted 17 October 2005 - 01:40 PM

Why don't you post a HJT log for examination, just to be sure?

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users