Martin Waddell said:
On opening my user's account I am greeted with the following message: Windows
cannot find C:\Windows\system32\geede.exe. There have been variants of this
message with the geede being replaced with vtsqr and ssqrp. It appears to
be a problem associated with viruses W32.Trats and .. Nortons
keeps finding these viruses and blocking them and then removing them. I
have run Nortons many times and run Spybot and more recently tried Advance
Windows Care and yet this irritating start up message appears. I have
disabled System Restore before each scan.
Any thoughts on how I can deal with this matter will be appreciated.
There is a script residing somewhere that the virus would like to pull the
path from, but it has been caught red-handed!
You need to remove all traces of this infection and run a thorough scan for
malware and viruses. I think you may have Norton running a quick scan; try
safe mode and run a full scan.
W32.Trats
http://www.symantec.com/security_response/writeup.jsp?docid=2007-120608-4519-99
Trojan.Vundo Removal Tool
http://www.symantec.com/security_response/writeup.jsp?docid=2004-112210-3747-99
Use Autoruns to find and remove these unwanted entries:
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/Autoruns.mspx
Go through these Cleaning steps:
1- First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and disable all
non-verified Add-Ons (you should re-enable them later one-by-one to find the
culprit, then update it or remove it).
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
RootkitRevealer v1.71
By Bryce Cogswell and Mark Russinovich
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Lots of tools to download and disinfect your machine (offline scanner):
http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/
After the scan run disk cleanup on your drive.
2- Download HijackThis and send the report to one of many
forums for analysis and troubleshooting:
http://www.merijn.org/index.php
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis) is
the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. Post
your log to
http://aumha.net/viewforum.php?f=30,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7, or other appropriate
forums for expert analysis, not here.
HTH.
nass
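
A "Windows cannot find ...geede.exe" message at logon typically comes from a leftover autostart entry whose file the scanner has already removed, which is what the Autoruns step above is meant to locate. The following is an added example, not part of the original posts: it reads the text of a `reg export` of a Run key and lists entries whose target file is missing. The value names, the sample paths other than the file names quoted in the question, and the `PRESENT` set are constructed for illustration.

```python
import ntpath
import re

# Constructed sample of `reg export` text for a Run key (not from the original post).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Vendor"="\"C:\\Program Files\\Vendor\\app.exe\" /min"
"x1"="C:\\Windows\\system32\\geede.exe"
"x2"="rundll32.exe \"C:\\Windows\\system32\\example.dll\",Start"
"x3"="vtsqr.exe"
'''
# Constructed stand-in for the disk; on a live system pass os.path.exists instead.
PRESENT = {r"c:\program files\vendor\app.exe", r"c:\windows\system32\example.dll"}

KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')  # REG_SZ values only
PATH_RE = re.compile(
    r'\s*(?:"([^"]+)"|(.+?\.(?:exe|dll|com|bat|cmd|scr))(?=[\s,]|$)|(\S+))', re.I)

def first_path(command):
    """Split a launch string into (first file path, remainder)."""
    m = PATH_RE.match(command)
    if not m:
        return None, ""
    return next(g for g in m.groups() if g), command[m.end():]

def target_of(command):
    """File the entry really loads: the DLL when the launcher is rundll32."""
    path, rest = first_path(command)
    if path and ntpath.basename(path).lower() in ("rundll32", "rundll32.exe") and rest.strip():
        path, _ = first_path(rest)
    return path

def dangling_entries(reg_text, exists, system_dir=r"C:\Windows\system32"):
    """Return (key, value name, target) for entries whose target file is missing."""
    key, found = None, []
    for line in map(str.strip, reg_text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)
        elif key and (m := VAL_RE.match(line)):
            # Undo .reg escaping (\\ and \") in both the value name and its data.
            name, command = (re.sub(r'\\(.)', r'\1', g) for g in m.groups())
            target = target_of(command)
            if target and not ntpath.dirname(target):
                target = ntpath.join(system_dir, target)  # assumption: bare names live in system32
            if target and not exists(target):
                found.append((key, name, target))
    return found

if __name__ == "__main__":
    for key, name, target in dangling_entries(SAMPLE_REG, lambda p: p.lower() in PRESENT):
        print(f"{key}\\{name} -> missing {target}")
```

Entries reported this way are candidates to review in Autoruns; a missing target only shows the reference is stale, not where it came from.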