Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Task scheduler infected? (google redirect)


  • This topic is locked This topic is locked
2 replies to this topic

#1 Overture_22

Overture_22

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:04 AM

Posted 07 March 2011 - 04:58 PM

Okay, so after preforming countless scans, with multiple anti-virus/malware/spyware/rootkit software, and posting GMER/DDS logs in logs section ( http://www.bleepingcomputer.com/forums/topic383299.html ).

I tried to reboot my computer using only basic services and devices. I previously took screen shots of the services and devices that were active before hand, so I could activeate them one at a time, when I restarted. So thats what I did, and my 'Microsoft antimalware' service seemed to be working now, and everything was fine, as long as I didn't restart my computer. I then went to turn System restore on, because for some reason I had it turned off, but I got error code (0x80070032).
Which means the task scheduler service is not started. (basically all needed services have been started at this point excluding 'task scheduler') When I turned the service to automatic and started it, Microsoft security essentials crashed, and my google links started to redirect again. After starting it, I am unable to stop the service, or disable it. As shown in the screen shot.

Posted Image

I'm pretty sure this is the source of the problem I have been having, any recommendations?

-Update-
Weird task found in task scheduler, that causes the google redirects, and closes microsoft antimalware programs, and services.

Name: Dthubqqyg
Author: owner
User account: SYSTEM
Run with highest privileges
Configure for: Windows Server 2003, Windows Xp, or Windows 2000
Trigger:At startup
Action: Start a program
Action details: C:\windows\system32\rundll32.exe "C:\Windows\system32\WMSPDMOEG.dll",lpno

I've managed to turn off this task, and everything works fine again.

Edited by hamluis, 07 March 2011 - 07:43 PM.
Moved from Malware Removal Logs to Am I Infected.


BC AdBot (Login to Remove)

 


#2 Overture_22

Overture_22
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:04 AM

Posted 07 March 2011 - 05:53 PM

Sorry, Just realized that I posted this in the wrong forum section. Meant to post in, 'Am I infected? What do I do?'.

#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,570 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:04 AM

Posted 12 March 2011 - 01:51 PM

Now that your log is properly posted, and has a reply, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the logs you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

To avoid confusion, I am closing this topic.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users