Always checks whether the C:/Windows/system32/toaksie. dll has an unknown service load? Repair ~

Source: Internet
Author: User

Always checks whether the C:/Windows/system32/toaksie. dll has an unknown service load? Repair ~

Original endurer
1Version

A friend's computer is equipped with rising and guard. Recently, guard always detects an unknown service load in C:/Windows/system32/toaksie. dll.

After the friend upgraded rising star, he detected and killed the virus and killed a trojan. However, the guard still jumped out every time he started the machine. Please try again.

Download pe_xscan to scan logs and analyze the logs. The following suspicious items are found:

Pe_xscan 08-08-01 by Purple endurer

Windows XP Service Pack 2 (5.1.2600)
MSIE: 7.0.5730.13
Administrator user group
Normal Mode

O2-BHO Microsoft class-{FFFFFCF1-4B15-11D1-ABED-709549C10000} = C:/Windows/system32/devtlde. dll |

O23-service: utility (Microsoft applocale utility)-C:/Windows/system32/svchost.exe-K netsvcs |-> C:/Windows/system32/toaksie. dll (automatic)

Use fileinfo to extract file information:

File Description: C:/Windows/system32/devtlde. dll
Attribute: ---
Digital Signature: No
PE file: Yes
Language: English (USA)
File version: 2, 0, 0, 1
Description: Microsoft Module
Copyright: Copyright 2008
Note:
Product Version: 2, 0, 0, 1
Product Name: Microsoft Module
Company Name:
Legal trademark:
Internal name: Microsoft
Source File Name: Microsoft. dll
Creation Time:
Modification time: 16:28:10
Size: 86016 bytes, 84.0 KB
MD5: 911b82afccb2daa5d7d02917ebdee326
Sha1: 8eae561364faab1262eccb1b0a03095af6835a87
CRC32: a54f14f8

Subject: Re: devtlde.dll.rar [KLAN-12769558]
Sender: "" <Newvirus@kaspersky.com> Sending time: 20:39:54

Hello,

Devtlde. dll-Trojan. win32.bho. HEX

New malicious software was found in this file. It's detection will be added in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from Update sources.
-----------------
Regards, Vitaly butuzov
Virus analyst, Kaspersky Lab.

Use bat_do to package backups and delete backups in a delayed manner.

Use the rising Kaka Security Assistant to delete the startup Item.

It took more than half an hour to restart the computer. The guard did not prompt

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.