1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Re-installed Windows XP PRO SP2 and encountered a VERY strange problem.

Discussion in 'Virus & Other Malware Removal' started by ghowthoo, Jan 3, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. ghowthoo

    ghowthoo Thread Starter

    Joined:
    Jan 3, 2006
    Messages:
    6
    Hey guys!

    Long story short I reinstalled my whole OS due to the fustration of a massive wave of viruses/malware/spyware/whatever happened that bombarded my system in a single evening and caused everything to single handly go chaotic. :mad:

    so wipeing my whole system was faster then trying to diagnose and find out my problem(s). hehe

    I reinstalled Windows XP PRO SP2 and I encountered a problem I have never seen before. I even tried googling it and nothing showed up.

    Basically the machine is fresh, the only thing I have installed are a few of the mobo drivers like asus 4-1 driver and usb 2.0 driver... everything is going fine... I decide to install the latest version of Directx off the website before installing my nvidia drivers from nvidia since my version was 8.1 with the fresh copy.

    I downloaded and installed Directx 9.0c fine... but then something very odd happened, When my computer loaded up, I saw a QUICK flash of the MSDOS prompt window with the words "MC-110-12-0000136.EXE" and then exits that window quickly.

    I tried to jump to my msdos prompt to see where this file came but it wouldnt let me open up the window, it wouldnt let me open up a msconfig window or a "control-alt-delete" window.. the windows would just flash and automatically close.

    I reboot my machine and as soon as I get into the desktop I try to go into the programs I just described above before that "MC-110-12-0000136.exe" executed and they opened up fine... but as soon as that program executed, boom, the above happens again.... it also does weird things when I'm in my internet browser, it wouldnt let me get to places or have things load promptly.

    I was able to drop to dos prompt and execute this file "MC-110-12-0000136.exe" to see what it does but it does nothing that my eyes can see..

    I am not sure where this came from, I tried deleting it but it just comes back... I THINK it came after I installed direct X 9.0c and typed "dxdaig" and accepted where it asked if it could

    "allow DxDaig to check if your drivers are digital signed as logo'd by Microsoft Windows Hardware Quality Labs (WHQL)?" etc..

    and I went into it and thats where I first saw that flash of my MSDOS prompt executing "MC-110-12-0000136.exe"

    I dunno if it came from that or from something else but the machine had a fresh copy of windows installed and I didnt visit any websites besides official ones like microsoft or nvidia. but even then I only went to them once before this happened... it happened early on before I was able to install any of my hardware drivers and such.

    I disbled the windows messenger and MSN messenger as well, thinking maybe this file got in with those... but what are the odds lol.. i guess big... anyway I guess I am going to have to re-install again tonight..

    oh also, I have 2 hard drives, 100 GIG petitioned 20 GB, 80GB, which houses the OS... and a 250 GB which houses some Fraps videos of the games I play... thats the only hard drive that has anything on it, I dont think there could be a virus or some sort of thing on it but I guess thats worth mentioning.

    I was able to run a online scan using Trend Micros free virus/malware/spyware and it didnt find anything on any of my hard drives... although there was something "funny" that happened while scanning but I dunno, I may try to scan again to see if my 250GB is infected somehow before but I doubt it... anyway thanks for any feedback..

    Sorry for the long post, Ive spent about 9 hours or so tonight on this lol... its about 7:26 AM EST... time for bed.. =)

    thank you!
     
  2. EvileYe

    EvileYe

    Joined:
    Aug 30, 2003
    Messages:
    1,281
    It appears you are infected with a variant of the Trojan.Agent.FD.

    I found quite a few hits on google by shortening the file name to MC-110-12

    A little info here http://virusinfo.prevx.com/pxparall.asp?PXC=45021425049

    I will ask that this post be moved to the security section, someone with more experience dealing with malware/viral infections will help you out over there.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,223
    First Name:
    Derek
    go to here and download 'Hijack This!' self installer. Save it to the desktop or other suitable place. DO NOT just press run from the website Double click on the file and it will install to C:\program files\hijackthis and create an entry in the start menu and an optional shortcut on desktop.
    Click on the entry in start menu or on the desktop to run HijackThis
    Click the "Scan" button, when the scan is finished the scan button will become "Save Log" click that and save the log.
    Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
    It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
    so do NOT fix anything yet.
    Someone here will be happy to help you analyze the results.
     
  4. ghowthoo

    ghowthoo Thread Starter

    Joined:
    Jan 3, 2006
    Messages:
    6
    thanks for the reply guys!

    you were right EvilEye, it is that malware thing. The funny part is just as I am replying to this thread post, my system is downloading something weird and installing it and then the MC-110 file executes again hahaha... oh man this malware is crazy...

    i even tried to get a hijackthis file log of my machine posted to you guys but everytime I run it, it gets shut off like how i explained above with similiar programs i try to run.. so I cant get a log saved or anything quick enough lol...

    i think im gonna go ahead and reinstall... this is soo much trouble.. it is a fresh copy anyway, nothing on it...

    thanks again for everybodies help.
     
  5. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    When you say reinstall, hopefully you mean format and CLEAN install?
     
  6. ghowthoo

    ghowthoo Thread Starter

    Joined:
    Jan 3, 2006
    Messages:
    6
    yup sure do.. id run the windows xp pro disk from boot and delete my partitions and re-create a new partition then format it...

    right now Im using my machine with another fresh copy.. and about 5 minutes ago everything was going smooth, I thought I was free from this malware thing but then it pops up... i do have a few computers connected to my home network which i am assuming I may be getting infected by them, either that or the 250 GB hard drive that I have housing my videos and pictures and stuff... man this thing is crazy.. im gonna perhaps scan my other computers to see what the deal is... if all that fails i may as well delete the whole 250 GB drive and have everything completely clean...

    well since it poped back up a fe wminutes ago, i tried to run a hijackthis log file for you guys but fail misierably... this thing keeps on closing anything "essential" that could destroy it... like control-alt-delete menu pop up and things alike.. lol..
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/430626

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice