Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Malware mvsr32.exe - What is it?

  1. #1
    chuckiechan Guest

    Default Malware mvsr32.exe - What is it?

    Malware mvsr32.exe - What is it?

    It keeps asking Zone Alarm for permission to contact the internet, so I "killed" it. I've done a variety of Trojan and Virus scans and nothing comes up.

    More Info: the IP it is trying to reach is 66.60.130.2DNS Anyone know where this is? Note there is a colon between .2 and DNS, but a smiley comes up so I had to remove it!

    I've done a system search and nothing comes up.

    I did a Google search and the results are not in English and the translator isn't doing a very good job.

    I can't find an English description to tell me how to remove it.

    Any ideas?

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,289

    Default Re: Malware mvsr32.exe - What is it?

    Hi!Have you tried to upload the file to www.virustotal.com and see what is the name of this malware, if it is a malware?What version of ZA are you using? Go to ZA try icon --> right click --> about --> copy to clipboard --> paste it here...Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Malware mvsr32.exe - What is it?

    http://www.dnsstuff.com/tools/whois.ch?ip=66.60.130.2

    it is surewest internet of California.

    Is this your provider?

    Tried these surefire freeware for malware/spyware removal? The online scan requires the IE since the ActiveX component is required.

    http://www.emsisoft.com/en/software/free/

    http://www.ewido.net/en/onlinescan/

    http://www.superantispyware.com/

    Oldsod
    Best regards.
    oldsod

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Malware mvsr32.exe - What is it?

    Download the HJT

    Unzip and Open it.

    Select the " Open the Misc Tools section" button on the main Panel

    Select the "delete a file on reboot"

    Select the mvsr32.exe file in the explorer panel

    Close all windows from the other software and applications and click Yes to restart. Look for it after the reboot.

    Hopefully it is gone, but it could be a rootkit. If it is a rootkit, then the conventional scanners will not remove it properly.

    Oldsod
    Best regards.
    oldsod

  5. #5
    pairofhearts Guest

    Default Re: Malware mvsr32.exe - What is it?

    Are you CERTAIN it is mvsr32.exe and not nvsr32.exe??

  6. #6
    flyyourway Guest

    Default Re: Malware mvsr32.exe - What is it?

    Use http://search.yahoo.com/
    and enter C:\WINDOWS\system\msrv32.exe as the search criteria,read up on some of those results.

    Also remember there are a few more search engines then just Google,google is great,but can return lame results at times.

  7. #7
    chuckiechan Guest

    Default Re: Malware mvsr32.exe - What is it?

    Is is definitely mvsr32.exe. A buddy of mine (Techimo.com) got the "Whois". I have E mailed Surewest and asked them if it's theirs.

    I'll try Oldsod's advice next. Funny tho, no searches including find, Avast anti virus, a couple of free scans have picked up anything but if I take it off "Kill" in Zone Alarm Pro ($$) it pops right back up asking to alter a driver and contact this IP.

    BTW: download the HJT... as in do a Google for HJT?

  8. #8

    Default Re: Malware mvsr32.exe - What is it?

    Hi Chuckiechan ,
    HijackThis is a a great tool but if your unsure of what you're doing the best bet would be to post a HijackThis log at Castlecops or Spywarewarrior and let the pro's take a look at you're log .


    http://www.castlecops.com/f67-Hijack...ans_Oh_My.html




    http://www.spywarewarrior.com/viewfo...a47e6d411de750



    The link below will give you a brief explanation about HJT


    http://www.answers.com/main/ntquery?s=hijackthis&gwp=16

  9. #9
    chuckiechan Guest

    Default Re: Malware mvsr32.exe - What is it?

    I'll keep you posted on what my ISP says (probably nothing). What's weird is no one has heard of this file, except when I Googled I got some info in a foreign language that Google poorly translated.

    To go to "Hijack this" I need to bring it back to life... I can still "deny" but not telling what is really going on...

    Crikey!

  10. #10
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Malware mvsr32.exe - What is it?

    Yes please observe Guru Greb49er's advice.

    The HJT is not a typical scanner for malware removal. It has no lists of what to remove and what not to remove.

    It is very powerful and will remove registry keys and files all in one swoop. Any mistakes made by selecting the wrong files/keys could result in an unuseable OS.

    What I do is simple. I installed the OS, installed the drivers and installed the security and the updates. Then I run the HJT and create the two logs. These are used for references for any future situation. I zip those two logs.
    When new software is installed and more updates are added, I run it each time after. Again the new logs are zipped and saved. In the event of some stupidness on my part, and I get infected, I have the clean logs to compare to the malware-infected PC logs. The comparision gives me something to figure out and some idea as to what is infected and where. This is a slow and steady process, but it does mean that no additional antispy-ware is actually needed.I can clean and remove the infection manually.

    The PC runs a little smoother without the heavy full-time scanners for the spyware and I have full control of what is happening at all times, without the intervention of a software doing the chores for me without my say so.


    HJT Download

    http://majorgeeks.com/download3155.html


    HJT preliminary for users ,before posting the HJT logs in a HJT forum

    http://forums.majorgeeks.com/showthread.php?t=35407

    HJT tutorial is recommended to be read when the PC is clean not so much in that emergency panic. This does explain a lot on how to use the HJT and what not to do. It has great details and is a good help guide for the HJT.

    http://www.bleepingcomputer.com/tuto...utorial42.html


    Self help guide for users to remove nasties of all kinds. But it is a general guide and nothing specific.


    http://spywarewarrior.com/sww-help.htm

    I would recommend to run a reg/file cleaner to help remove some stray bits and remmants. The freeware CCLeaner is quite good

    http://www.majorgeeks.com/CCleaner_S...ish_d4191.html

    Oldsod
    Best regards.
    oldsod

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •