Help Needed..Virus Removal

Hello all...
Can anyone help me with a problem i have.....
When i boot up, (XP Home edition) i get a file in task manager called msaccess...I did some research and there wasn't much info, all i found was that it might be Klez worm as it overwrites the msaccess file, i use Mcafee virus scan and it finds the file in windows/system32 folder, Mcaffe reads it as a dialer-gen....
So....
I ran a Klez worm detection tool, and nothing.....
Then......
I turned off system restore, rebooted in safe mode, run the virus scan, deleted the msaccess file, but i could not find the reg key in regedit....
I looked in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
But could not find it.....
Anyway i rebooted but the file is still there in task manager, and i keep getting a small popup saying "already running"....

I forgot to add, that i also use and have tried, Adaware,CWShredder, and numerous spyware/trojan/malware removal software....

Can anyone help...?

Try a webscan from norton site...and then download the correct removal tool...

Tried that just...
found nothing, its really strange why this is happening...

Cause you're using to much P2P i guess...
These things come and go and hide in anyfile type possible...

just out of curiosity have you tried uninstalling and reinstalling microsoft office? for some reason im getting the feeling that it has to do with your microsoft access program. (Assuming you have microsoft access)

Sorry forgot to mention that i am not using any office programs..

Could you take a screenshot of the problem? I'm not sure of exactly what's going wrong with your system..

I don't think it's klez from what it sounds like, but i don't know what's going on, either. If it was klez, you probably wouldn't even notice it.. it generally doesn't affect your system at all, it just sends out random crap email.

If you think it is klez, check your registry for:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wink(insert random garble afterwards (for instance, wink2197213) )


Otherwise, do a printscreen, because i'm not sure what the problem is..

did you try to go to Mcafee and download a stinger? This has about 40 of the top viruses and removes them without any hassle. Just a suggestion.

Don't think its Klez.. no files in that registry folder, the problem is hard to explain, all i can say is as i said in thr first post....i use Mcafee virusscan proffesional, and it finds this file (mssaccess.exe ) as a dialer-gen, a potentially unwanted program...which is running in taskmanager, i can end the process, no problem, however if i leave it running i get a small popup box sayinh already running....i have booted in safe mode and deleted the file, but because i can't find the regkey it returns when i reboot.
If i could find out where it was in the registry, i could boot in safemode, run the virus scan delete the file then delete the registry file.....

Sounds strange.. but aside from McAfee pointing it out as a dialer-gen, what is it doing to your system? Have you actually noticed anything yet? heh

Msaccess can be abused by stuff such as klez, i'm not sure how Mcaffee works since i've never used it, so maybe that's why it lists it as a potentially dangerous file? Msaccess itself isn't a problematic file..

I don't think you're supposed to be deleting Msaccess unless something is actually wrong with it.

This is probably a stupid question but have you looked in Start>Programs>Startup?

Also try running up MSConfig (Start>Run>msconfig.exe) then click startup and see if you can find the file there? (msconfig also checks the startup so you can just use that instead of my first suggestion)

S

Hello everyone...I was looking for some info on a virus detected as "Dialer-gen" (wzdesk6x[1].exe) and I found your post right here about it....
So I did a fast Mc cafee virus scan and was able to deleted ...but the thing is ...my computer has been running with it for probably 3 days...does anyone know if the virus itself once deleted by mc cafee can still remain in some other file>?

+ since we're in the topic...If you guys know anything about that'd be cool!! :
Adware-Rblast.dll (0006[1].cab) & Adware-netPals (gnsnfnrsz[1].cab)


Thanks again ...

This may provide help.

http://securityresponse.symantec.com/av ... en@mm.html

allright...thanks for the url....