Need help with an insanely infested machine

AliCat_Klein · Cadet Joined: Jun 05, 2004 Posts: 2 Location: USA

Hello,

I am a home PC user consultant and I am in need of help with a PC that is horribly infested with all sorts of "yicky" bad things that I am not able to research through the usual channels. The machine is an old PC running Win ME.

I have things listed in the machine's start up and running processes that I can not recognize because they are all sorts of letters and numbers in combination. I would appreciate any and all assistance with this. Here's what's loaded:

GLEL.EXE
5QEKE7T5NG9WG2-OKXY.EXE (general comment....What the hell???)
16494293046456 (again, what the hell???)
AUTOLOADERPZ5Q1JISKJIX UPN2DLL.EXE-PC="AM.WILD" HIDE UNINSTALL (I am really uncomfortable with anything that is installed and goes to the extreme to hide its uninstaller)
IEGSJ NSSDRKBI.EXE-QUIET
VS7DEBUG/MDMEXE

I also am working on a pair of machines that currently (Win XP HE) that have an item listed in the MSCONFIG as existing as a line item but there is no identifying information on the items. It is just a checkbox and the area next to it where the identification info is supposed to be is blank. Does anyone know how to figure out what is hiding itself? My opinion/gut feeling is that it is something nefarious.

Thank you all in advance for your assistance. If you wish to e-mail me directly my e-mail is removed for your security; spambots pass this way

I will also be using the much recommended hijackthis program

Sincerely,
AliCat_Klein

Rolling Eyes

Mariner · Posted: Sat Jun 05, 2004 1:10 am Post subject:

Hi AliCat_Klein,

Best have one of our experts take a look at those strange running processes then. Please follow these instructions carefully then proceed as follows:

First:
Please read these messages
Virus=Read This: http://www.computercops.biz/postt8864.html
HiJack= Read This: http://www.computercops.biz/postt911.html

Then
Download: HiJack This!

Create and Unzip to a folder not your Desktop or the Temp folder, doubleclick HijackThis.exe, and press "Scan".
Unzip the download (using a piece of software like: Winzip)

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log in a text file, and post it in the CCSP "Spyware - Hijack Related" forum:

http://computercops.biz/forum67.html

Most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

*Please, be patient. An expert will examine your log and this does take time. Please, no 'Bumps' and no 'Duplicates'. Thank you.*

AliCat_Klein · Cadet Joined: Jun 05, 2004 Posts: 2 Location: USA

Hello,

Thank you for the quick reply to my problem. I have reviewed the instructions and I sincerely apologize for any person that I might have offended with my "What the "H"" comments.

It is my intention to make use of the Hijackthis program when I return to my client as I have already downloaded it.

Have a great day!

AliCat_Klein
Laughing


	Home ˇ Topics ˇ Submit News ˇ Top 10 This entire site, Cops Themes, and Computer Cops are Š 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright Š 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 749 pages served in previous 5 minutes. Page Rendered: 0.698 seconds.