Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Do I have the w32 Blaster?

15 May 2013   #341
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I'm trying to find a discrepancy somewhere! Just asking questions to find out what 'exactly' was quarantined, and why.

All of these are legit hash files for MpSvc.dll
Agics - System Processes - Filereport MpSvc.dll (MpSvc.dll plug-in)

Altho' this one is "not very common" C:\mpsvc.dll ------- 1011712 bytes [16:36 14/05/2013] [16:32 14/05/2013] CF318F60A84F15AF352439465A8D05F4
http://www.backgroundtask.eu/Systeem...439465A8D05F4/


My System SpecsSystem Spec
.
15 May 2013   #342
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Just looking and found this. Might help you and might not.
When I Google this.
CF318F60A84F15AF352439465A8D05F4
Lot of web sites that might be of some use.

https://www.google.com/search?q=9056...-a&channel=rcs
My System SpecsSystem Spec
15 May 2013   #343
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

@Prescottbob ...
  • Please download Autoruns http://download.sysinternals.com/files/Autoruns.zip and save it to your desktop.
  • Right click on the downloaded file and choose Extract All Files.
  • Once extracted, open the program named Autoruns.
  • Click on Options and then Hide Microsoft and Windows Entries.
  • Press F5 to refresh the startup list.
  • Next go to File -> Save and choose the file type to Text File (.txt).
  • Please attach the text file to your next reply.
My System SpecsSystem Spec
.

15 May 2013   #344
Prescottbob

Windows 7 home premium 64 bit
 
 

It will be a few minutes-I'm away from the office on my Ipad.
My System SpecsSystem Spec
15 May 2013   #345
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

My System SpecsSystem Spec
15 May 2013   #346
Prescottbob

Windows 7 home premium 64 bit
 
 

I downloaded AUTORUNS.zip. When I right clicked it, I then clicked on EXTRACT ALL. I now have a window to extract all to the desktop\autoruns. I click extract and an EMPTY autoruns folder comes up!? Guidance please.

The Adobe thing I clicked on sure didn't look like the HD thing. I swear it looked just like the regular update window that comes up to install updates--but this one came up in the middle of the screen when I was leaving the REAL CLEAR POLITICS website having clicked on a like the took me to an article on REAL CLEAR TECHNOLOGY. However, that morning JAVA and ADOBE update windows had been persistent and I probably clicked on this thing to stop the interruptions.
My System SpecsSystem Spec
15 May 2013   #347
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I would suggest stop downloading things unless these good people request you to. Their will be no catching up with infections. You could be installing infection faster that these good people are removing them.
My System SpecsSystem Spec
15 May 2013   #348
cottonball

Windows 7 Home Premium
 
 

Sorry to interrupt your query, Prescottbob.

@Jacee,

On your post, #336:
C:\Program Files\Microsoft Security Client\MpSvc.dll --a---- 1555920 bytes [18:36 27/01/2013] [18:36 27/01/2013] 905601FFF40D8DA9FA82CBE77D1F5EB1

Thought you were just asking a question, until the "Good catch..." was mentioned. Couldn't figure that one out.

On:
C:\mpsvc.dll ------- 1011712 bytes [16:36 14/05/2013] [16:32 14/05/2013] CF318F60A84F15AF352439465A8D05F4

The link to that file was provided by one of our colleagues at BC. He also had an unusual entry on the FSS report.

You will not see mpsvc.dll placed in C:\ by any program, because that is just where I requested Prescottbob to save it.

From there, an FCopy was done to place it in C:\Program Files\Windows Defender\MpSvc.dll

The FSS run after the FCopy shows:
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

That is all with the C:\mpsvc.dll. It could just be removed, but, prefer to not do so yet.



I'm lost again, though...
Quote:
Just asking questions to find out what 'exactly' was quarantined, and why.
Quarantined??...Can you tell me by what program?
My System SpecsSystem Spec
15 May 2013   #349
cottonball

Windows 7 Home Premium
 
 

Laybackbear,

Prescottbob was instructed by Jacee to download Autoruns.
My System SpecsSystem Spec
15 May 2013   #350
cottonball

Windows 7 Home Premium
 
 

Prescottbob,

Please remove anything from Autoruns except the downloaded zipped file.
Right-click on the downloaded file and select: Extract to Autoruns\

It should create a folder on the Desktop also called Autoruns

In that folder, are there 4 entries, one of them being the application?


Attached Thumbnails
Do I have the w32 Blaster?-capture-autoruns.png  
My System SpecsSystem Spec
Reply

 Do I have the w32 Blaster?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
W32 Blaster Worm
Hello, My computer has caught this worm and is driving me crazy, it starts with the spyware protection software which tells me I have many viruses. Im aware its a scam but i cant seem to resolve the problem in safe mode using spybot & uniblue registry cleaner. Please could someone help me,...
System Security
blaster.worm help
my laptop wont do anything. I keep getting a message saying blocked by w32/blaster.worm. Can you please pretty please help me
System Security
Facebook blaster pro
Hi,recently i have remove facebook blaster pro.but when i start my pc a pop up of it show up.it run firefox from himself.Plz help me?
Software
worm blaster
my husbands computer got the worm blaster. the computer was working fine in the am.and i had only searched walmart .com. at noon when he turned it on it said it was infected and wouldnt let us go to anything. i am running avg(updated) and mcfee on it. now all of his desktop icons are gone and i...
System Security
Sound Blaster
My sound chip on my motherboard seem to have gone kaput, got a Creative Sound Blaster Audigy SE. Apparently it don't work with Win7, yet its all right on my Vista partition. Trying to find a driver that will make it compatible with 7. Anyone had that problem.
Sound & Audio


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:45.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App