My PC has been acting weird, I did a scan, and 3 files came up infected. The names of the files are:
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\shell32.dll
C:\WINDOWS\system32\ntoskrnl.exe

What are those files (I assume they're part of the OS) and is it wise to delete them? Reinstalling windows is not an option.

Ask them about these problems here, they are very good:

http://forums.thatcomputerguy.us/index.php?showforum=39

Which virus is it?

No idea. I posted all I know.

They are windows files so deleting them is not advised

I'm assuming you don't have access to the Windows CD?

Tell your antiviral program to repair them, if possible

What anti-virus do you use?

I wouldn't know what it is like not to have virus problems.

It never ceases to amaze me how these virus are getting purposely created by some nerd in order only to create chaos. You want to fuck over some big corporation, try your luck!, but all this fucking over run of the mill users is sick. Then of course is this theory that its actually antivirus businesses which create them in order to sell their stuff.

The last time I combined Windows with the Internet, I foolishly caught that annoying CW thing, undetectable by the anti-virus I was using. It dramatically slowed all the performace of my computer, but instead of causing other problems, it only redirected some of the Google links from time to time, which was instantly visible. I've had much trouble removing it, and after I did, the whole system worked crappy because of the mess it made in the registry.

Funny thing is that I know of many people who had the same symptoms, by they bought aditional memory and graphic cards instead, in order to increase the performance. They make their computers that powerful that both the viruses and the user can use it without 'bumping' into one another.

Nice way of giving up, eh? :D

True. Many people don't even know they have viruses - they think their machine is working slowly or improperly because its components are out-dated, so they upgrade it.

I use AVG.

C:\WINDOWS\system32\ntoskrnl.exe

http://www.liutilities.com/products/wintaskspro/processlibrary/ntoskrnl/

Looks like you have some critical files that are fucked up or have been altered by some virus process.

Charles, AVG isnt as great as they say it is. You may wish to try the free Kaspersky that they're offering. That sucker picked up all kinds of junk I had that just about every other scanner missed.

http://www.kaspersky.com/beta?product=165219909

Once you get that crap out you might want to run a program that checks/fixes your registry. You probably have all kind of junk in there.

I use AVG.

I use AVG for viruses and I use Microsoft Anti-Spyware Beta for spyware

I've currently got Norton Antivirus. AVG doesn't play nice with my burner program, for some reason. Can anybody recommend a good free second line of defence?

I also use ewido security suite, Webroot Spy Sweeper, Spyboy Search and Destroy, AdAware, and ZoneAlarm Pro Firewall.

The last time I combined Windows with the Internet, I foolishly caught that annoying CW thing, undetectable by the anti-virus I was using. It dramatically slowed all the performace of my computer, but instead of causing other problems, it only redirected some of the Google links from time to time, which was instantly visible. I've had much trouble removing it, and after I did, the whole system worked crappy because of the mess it made in the registry.

Funny thing is that I know of many people who had the same symptoms, by they bought aditional memory and graphic cards instead, in order to increase the performance. They make their computers that powerful that both the viruses and the user can use it without 'bumping' into one another.

There is a program for removing "coolweb".

There is a program for removing "coolweb".
Yes, CWShredder can be found here (http://www.spywareinfo.com/~merijn/downloads.html), along with several other useful programs

As this seems to have become the 'help anyone who posts problems with their problems' thread...
Right now, I get a message saying:
"[website] could not be found. Please check the name and try again."
when accessing Google and some other frequently used websites. The Phora is working fine, obviously, as is emule and all of my instant messenger programs, so I'm pretty sure I'm still connected to the internet :p . Power-cycling my modem thingy seems to fix the problem temporarily, but a few hours after doing so, the problem returns. Any thoughts?

those are just dll file. sometimes dll files shows up as a virus on scans when there is not a virus. it could even be one of your memory ram chips going bad. and if you are running xp that first dll file shows up damaged on alot of computers. do an internet search on each one of those files and you can learn alot. don't worry too much yet it might not be a virus.
if you receive an error message that references the user32.dll file, the user32.dll file may be damaged. one or more of the random access memory (ram) modules that are installed in your computer is faulty, or the ram configuration is incompatible.
ntoskrnl.exe this file is the kernel of the operating system windows xp. the kernel is responsible for loading, executing and communicating with device drivers. after the kernel is loaded, services and drivers will be started.

right now, i get a message saying: "[website] could not be found. please check the name and try again."when accessing google and some other frequently used websites.i get that sometimes too. also sometimes on forums i noticed if i click on a thread then i try to click on the second page too fast it gives me that message too. so then i have to wait for the first page on the thread to finish downloading then click on the second page and it works.
yet it only does it sometimes not always so i am believing it just might be when the server is slower.

i do know for a fact that if you put as much stuff as you can in small letters it speeds the websites up. everytime the browser comes to a capital letter it stops for a second to configure it. i have tested it over and over with websites and all small letters speeds up the browser and downloading of web pages. especially if all the html code is in small letters.

There is a program for removing "coolweb".

Yes, CWShredder can be found here (http://www.spywareinfo.com/~merijn/downloads.html), along with several other useful programs

Yes, I used CWShredder exactly to have it removed. And after I did, the system worked, but it had a bug that annoyed me big: whenever I'd have a right-click on any .exe file, the whole Window Explorer would shut-down and re-start.

Another interesting thing was the self-protective power of that CW. Whenever I tried to access any site from where I could download CWShredder, it would shut the window down. So I downloaded it via download-managers, but again, as soon the download got completed, CW would erase the file. And when I downloaded it under a different name, the file would remain, but as soon as I started it, the CW would terminate the application, and erase the file. Even under the safe-mode the CW had this 'power', but there it gave it time enough to quickly click on the 'I Agree' button after the first start of the Shredder, from what point the programme would run OK.

Yes, I used CWShredder exactly to have it removed. And after I did, the system worked, but it had a bug that annoyed me big: whenever I'd have a right-click on any .exe file, the whole Window Explorer would shut-down and re-start.


Unrelated virus/problem... that manifestation of coolweb sounds bad...

Yes, I used CWShredder exactly to have it removed. And after I did, the system worked, but it had a bug that annoyed me big: whenever I'd have a right-click on any .exe file, the whole Window Explorer would shut-down and re-start.

Another interesting thing was the self-protective power of that CW. Whenever I tried to access any site from where I could download CWShredder, it would shut the window down. So I downloaded it via download-managers, but again, as soon the download got completed, CW would erase the file. And when I downloaded it under a different name, the file would remain, but as soon as I started it, the CW would terminate the application, and erase the file. Even under the safe-mode the CW had this 'power', but there it gave it time enough to quickly click on the 'I Agree' button after the first start of the Shredder, from what point the programme would run OK.
Use a process manager to shut down all strange programs before carrying out such operations

Task Manager will do, but there are much better ones available

(eg. go to www.sysinternals.com and get their Process Explorer)

Anyway, regular reinstallation of Windows is a always good idea - it only takes a couple of hours and reliably wipes away all that nonsense

Use a process manager to shut down all strange programs before carrying out such operations

Task Manager will do, but there are much better ones available

(eg. go to www.sysinternals.com and get their Process Explorer)


Anyway, regular reinstallation of Windows is a always good idea - it only takes a couple of hours and reliably wipes away all that nonsense

Thanks for the advice Cowcube, but it seems I forgot to emphasize that it happened a year ago, and not recently. :o

I solved the problem by cutting the Gordian knot and re-installed Windows, and never again opened Internet connection under it. It works just well - more than a year has passed and no viruses or any system malfunction bugged me no more :)

No problem, and I can't stress this enough, don't use Internet Explorer, ever

(Windoze updates excepted of course...)

http://browser.netscape.com/ns8/
www.mozilla.org
kmeleon.sourceforge.net
www.opera.com

No problem, and I can't stress this enough, don't use Internet Explorer, ever

(Windoze updates excepted of course...)

www.netscape.com
www.mozilla.org
kmeleon.sourceforge.net
www.opera.com

I'm a big fan of mozilla