PDA

View Full Version : spoolsv.exe in the dllcache file


jcody777
2008-11-07, 18:38
I had 19 different spyware items, 2 trojans. And Spybot told me to replace the spoolsv.exe file from dllcache file into the system32 file.
I found the dllcache file, but the spoolsv.exe file is not in there.

Do you think the spoolsv.exe in the system32 file is still part of the trojan spyware?

Also, could I take the spoolsv.exe file from any computer??

Thank you for any help!
md usa spybot fan
2008-11-08, 06:12
jcody777:

Try scanning the file with one or both of these online scanners and see what you get:
Online malware scan (http://virusscan.jotti.org/) (virusscan.jotti.org)
VIRUSTOTAL - Free Online Virus and Malware Scan (http://www.virustotal.com/en/indexf.html) (Virustotal.com)
jcody777
2008-11-10, 18:16
Thank you. Both scans showed bo threats left.
My computer is still acting weird. Like there are a lot of processes going on in the back ground.
jcody777
2008-11-11, 00:23
I just un installed Adaware, and the background processes went away.
I am still worried that part of the Trojan spyware is still in my computer, even though all my Spybot scans have come up clean.
jcody777
2008-11-11, 17:36
My Symantec picked up items that keep coming back.
XPAntivirus
Trojan Horse.
Trojan.Pandex
Trojan.Virantix.C
Trojan.Fakeavalert
Hacktool.Rootkit

But I think they are viruses, it shows successfully cleaned & quarantined.

It is all part of the original email spyware attachment that I got.

Anybody have any answers of what I should do??
md usa spybot fan
2008-11-11, 18:27
jcody777:

Have you attempted following the removal instructions in the following Symantec (www.Symantec.com) articles for the problems Symantec identified?
XPAntivirus - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2007-101010-0713-99
Trojan Horse - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2004-021914-2822-99
Trojan.Pandex - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2007-042001-1448-99
Trojan.Virantix.C - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2008-050916-1055-99
Trojan.Fakeavalert - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2007-101013-3606-99
Hacktool.Rootkit - Symantec.com
http://www.symantec.com/security_response/writeup.jsp?docid=2002-011710-0057-99
Have you attempted to contact Symantec (www.Symantec.com) technical Support for assistance in removing the problems Symantec identified? Spyware Removal - Virus Removal Norton Premium http://www.symantec.com/norton/support/premium_services/premium_virus.jsp

Start Chat (https://www-secure.symantec.com/norton/support/contact/chat/chat_start.jsp?chatexp=vss&dept=ps&pvid=vss&pid=suth-vss)
or
CALL 1 (877) 788-4877
_____

If both those approaches fail, consider posting in the Malware Removal (http://forums.spybot.info/forumdisplay.php?f=22) forum on this site and having someone take a look at your system.

If you decide to have an experienced malware removal specialist assist you, please follow the procedure in this link to run scans and produce a HijackThis log: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) ( http://forums.spybot.info/showthread.php?t=288).
After you have completed the required scans and produced the requested logs, start your own thread in the Malware Removal (http://forums.spybot.info/forumdisplay.php?f=22) forum, making sure to post the HijackThis log produced from the above instructions.