What are these dll's?

[SoundGuyDave]

Does anyone know what the following files do:
ssqrsqn.dll
geebx.dll
51ec286b.exe

I'm using a progam called Security Task Manager, this me shows everything thats running on my computer. It tells me that the 2 .dll's are "Potentially Dangerous" because there is no detailed discribtion of the program. Also there is no manufacturer info. and it's function is to monitor, record inputs and manipulate. They start when Internet Explorer starts, I'm using Mozilla Firefox i don't know if makes a difference or not.

As for 51ec286b.exe it has the same "Potentially Dangerous" rating for the same reason in
Security Task Manager. And my Firewall keeps asking me to grant it permission to access the net, I never allow it to do so.

The 3 files are in the System32 folder and 51ec286b.exe is in C:\Documents and Settings\Administrator\Local Settings folder also. I have quarantined them in Security Task Manager so they won't start the next time windows starts but they still start everytime. I haven't tried to delete them manually, yet.

I'd be greatful for any help,
Cheers.

 

[mechBgon]

Are you using antivirus software? If so, what kind? Try putting those .DLLs into VirusTotal's multi-scanner and see what the results are: http://www.virustotal.com and the uploader is near the top. VirusTotal scans with about 25 different antivirus products and shows what they find.

 

[SoundGuyDave]

I'm using Zone Lab's ZoneAlarm Firewall, Webroot's SpySweeper and Windows Defender none of these found anything, except ZoneAlarm which as i've said warns me when 51ec286b.exe is looking to access the net. I'll try VirusTotal. Thanks

 

[mechBgon]

Ok, so you have zero antivirus software, then. Try a 30-day trialware of Kaspersky AntiVirus Personal 6: http://www.kaspersky.com/trials.


1) once it's installed, double-click the red K down in the tray to open up the Kaspersky window, then click the SETTINGS at the top

2) go through every panel in SETTINGS and max out all the detection sliders and enable all the checkboxes except Application Integrity Control

3) now right-click the red K and do an Update.

4) reboot if necessary, then right-click the red K and do a Scan My Computer

5) take a snack break while the scan runs.

6) when the scan is complete, see what it found and nuke it all. Kaspersky is known as one of the top-notch programs, so if there's a Trojan, worm, backdoor, rootkit or virus, it's probably going to find it.

 

[SoundGuyDave]

I've been looking for a good antivirus program,I havent found a good all rounder. Some are just plain useless and others slow down my pc. I'll try Kaspersky, does it slow down your pc?

 

[mechBgon]

Originally posted by: SoundGuyDave
I've been looking for a good antivirus program,I havent found a good all rounder. Some are just plain useless and others slow down my pc. I'll try Kaspersky, does it slow down your pc?

Not as much as a heavy virus infestation :evil:

Once you've got the system cleaned, you can revert it to the "Recommended" detection levels so it doesn't have as much performance impact. But overall, people are saying that Kaspersky 6 is not too bad, especially considering it's one of the ones that has really high detection rates and effective cleaning abilities. Anyway, you can judge for yourself about its performance impact when you try it out

 

[corkyg]

The geebx.dll is also .known as trojan.vundo. It is not easy to remove.

Vundo

 

[lenjack]

Why not Google for these dll's?

 

[RelaxTheMind]

spysweeper is usually good at getting rid of the vundo. its spyware that has virus like attributes. Avast (avast.com) has a pretty good FREE antivirus and it has a boot time virus scanner too. I like it for computers that have to much crap that make the virus scan take several hours.

 

[SoundGuyDave]

Originally posted by: lenjack
Why not Google for these dll's?

I have Googled them, i got no results.

 

[earthman]

AVG is a light fast antivirus that doesn't seem to have alot of overhead. It has a free version.

 

[SoundGuyDave]

UPDATE:

I downdloaded Kaspersky 6 and it found 51ec286b.exe to be a trojan downloader and ssqrsqn.dll to be Adware.
As corkyg said "The geebx.dll is also .known as trojan.vundo." I killed it with Spysweeper.

Kaspersky also found 43 other malicious files on my PC, which i was more than happy to nuke, thanks mechBgon, ur on my xmas card list.

Thanks 4 all yer help.

 

[corkyg]

That's good news, Dave - I just installed Kaspersky 6 on my system - and it boots faster that it did with VScan 10.