back orifice - files msl12.dll & windll.dll

back orifice - files msl12.dll & windll.dll

Post by Peter Stewar » Fri, 22 Jan 1999 04:00:00



Some time ago I was infected with the back orifice virus which was
detected with Norton's Antivirus AFTER a definitions update was
installed.  Nortons was unable to repair the files and at the time the
"fix" program was not available, so I called an expert to come and he
simply deleted the two files from my computer.  Everything seems OK now
but the windows update feature goes only to a blank screen - can this be
related ?  What do the files do ?  Can I get them from someone and
simply replace uninfected copies into the windows/system directory ?
Please reply
 
 
 

back orifice - files msl12.dll & windll.dll

Post by Greg Sommer » Fri, 22 Jan 1999 04:00:00


Peter,

I had numerous problems with the Windows update and finally late last night
got in.  Here is what I did as per the Microsoft Knoweldge Base:
    1.  Set IE 4 security to MEDIUM  (if it's not already there, it will
have to be restarted for the
         change to take effect)
    2.  Cleared my CACHE and my HISTORY
    3.  MANUALLY Type in the URL--  http://windowsupdate.microsoft.com/

When it asks if you want it to search your hard drive for updates to other
software select YES and let it go.  I don't know if it will work for you,
but NOTHING in the past worked for me and last night it finally did.  I
don't know if the virus could be affecting this or not, but give that a
shot.  I'll try to find the link to the Knowledge base where I pulled those
instructions from.

Greg


> Some time ago I was infected with the back orifice virus which was
> detected with Norton's Antivirus AFTER a definitions update was
> installed.  Nortons was unable to repair the files and at the time the
> "fix" program was not available, so I called an expert to come and he
> simply deleted the two files from my computer.  Everything seems OK now
> but the windows update feature goes only to a blank screen - can this be
> related ?  What do the files do ?  Can I get them from someone and
> simply replace uninfected copies into the windows/system directory ?
> Please reply


 
 
 

back orifice - files msl12.dll & windll.dll

Post by Peter Stewar » Sun, 24 Jan 1999 04:00:00


Thanks for your reply to my problem.  Unfortunately I did as you asked
and still ended with the same result (a blank page - but in two
different colours !!)  Thanks anyway


> Peter,

> I had numerous problems with the Windows update and finally late last
> night got in.  Here is what I did as per the Microsoft Knoweldge Base:

>     1.  Set IE 4 security to MEDIUM  (if it's not already there, it
> will have to be restarted for the
>          change to take effect)
>     2.  Cleared my CACHE and my HISTORY
>     3.  MANUALLY Type in the URL-- http://windowsupdate.microsoft.com/

> When it asks if you want it to search your hard drive for updates to
> other software select YES and let it go.  I don't know if it will work
> for you, but NOTHING in the past worked for me and last night it
> finally did.  I don't know if the virus could be affecting this or
> not, but give that a shot.  I'll try to find the link to the Knowledge
> base where I pulled those instructions from.

> Greg


>> Some time ago I was infected with the back orifice virus which was
>> detected with Norton's Antivirus AFTER a definitions update was
>> installed.  Nortons was unable to repair the files and at the time
>> the
>> "fix" program was not available, so I called an expert to come and
>> he
>> simply deleted the two files from my computer.  Everything seems OK
>> now
>> but the windows update feature goes only to a blank screen - can
>> this be
>> related ?  What do the files do ?  Can I get them from someone and
>> simply replace uninfected copies into the windows/system directory ?

>> Please reply

 
 
 

back orifice - files msl12.dll & windll.dll

Post by Scott Brun » Sun, 24 Jan 1999 04:00:00


    Back Orifice is somewhat trickier than that. First off, you don't want
Windll.dll back, as it's part of BO. Second, simply removing that file won't
remove BO, as I'm informed that Windll.dll is just the keyboard-logging
component.
    What you're looking for is a program named, " .exe" - that's
<SPACE>.exe. That *should* be the file name, although it's entirely possible
that new and "improved" forms have surfaced since the initial release.
    BO does indeed "sit" on your 'net connection, and could well be behind
your difficulties with Win Update. Could also be that the "tech" who removed
it was, shall we say - less than familiar with the concepts at hand - and
did some damage in a botched clean-up operation.
    Personally, I'd recommend you just wipe the Windows drive clean with a
good format and reinstall. And do try to avoid running executable files with
questionable origins.
--
Scott Bruno
Remove the NOSPAM to reply
http://mbr-repair.neotown.com/pchelp

>Some time ago I was infected with the back orifice virus which was
>detected with Norton's Antivirus AFTER a definitions update was
>installed.  Nortons was unable to repair the files and at the time the
>"fix" program was not available, so I called an expert to come and he
>simply deleted the two files from my computer.  Everything seems OK now
>but the windows update feature goes only to a blank screen - can this be
>related ?  What do the files do ?  Can I get them from someone and
>simply replace uninfected copies into the windows/system directory ?
>Please reply

 
 
 

back orifice - files msl12.dll & windll.dll

Post by Milly Staple » Wed, 27 Jan 1999 04:00:00


Perhaps a better idea would be to go to the following and download any one
of several programs listed to clean up BO:
http://www.snap.com/download/list/pc/0,20,home-d-297-b-1,102000.html

>Go here and get this BackOrfice cleaner.
>http://www.arez.com/fs/antigen102.zip

>You problems are over....

>Special`K

>On Thu, 21 Jan 1999 23:45:16 +1100, Peter Stewart

>>Some time ago I was infected with the back orifice virus which was
>>detected with Norton's Antivirus AFTER a definitions update was
>>installed.  Nortons was unable to repair the files and at the time the
>>"fix" program was not available, so I called an expert to come and he
>>simply deleted the two files from my computer.  Everything seems OK now
>>but the windows update feature goes only to a blank screen - can this be
>>related ?  What do the files do ?  Can I get them from someone and
>>simply replace uninfected copies into the windows/system directory ?
>>Please reply

 
 
 

back orifice - files msl12.dll & windll.dll

Post by Peter Stewar » Wed, 27 Jan 1999 04:00:00


Got the antigen, but too late - files had already been removed.  Antigen has
shown system now to be free of back orifice however, but update still no go

> Go here and get this BackOrfice cleaner.
> http://www.arez.com/fs/antigen102.zip

> You problems are over....

> Special`K

> On Thu, 21 Jan 1999 23:45:16 +1100, Peter Stewart

> >Some time ago I was infected with the back orifice virus which was
> >detected with Norton's Antivirus AFTER a definitions update was
> >installed.  Nortons was unable to repair the files and at the time the
> >"fix" program was not available, so I called an expert to come and he
> >simply deleted the two files from my computer.  Everything seems OK now
> >but the windows update feature goes only to a blank screen - can this be
> >related ?  What do the files do ?  Can I get them from someone and
> >simply replace uninfected copies into the windows/system directory ?
> >Please reply

 
 
 

back orifice - files msl12.dll & windll.dll

Post by Bernie Simmon » Wed, 27 Jan 1999 04:00:00


Just wondering have you been here.
http://support.microsoft.com/support/kb/articles/q193/6/57.asp?FR=0
I kinda doubt your problem has anything to do with BO.  As the two files
listed in the header are not system files on my system.  I run Antigen quite
often.  I would try a Deltree of the following folders from the c:\windows
DOS prompt Cookies, Tempor~1, Downlo~1 and History first then try Windows
Update.   It is the easiest thig to try first.  Then move on to some of the
other possibilities.
Bernie


>Got the antigen, but too late - files had already been removed.  Antigen
has
>shown system now to be free of back orifice however, but update still no go


>> Go here and get this BackOrfice cleaner.
>> http://www.arez.com/fs/antigen102.zip

>> You problems are over....

>> Special`K

>> On Thu, 21 Jan 1999 23:45:16 +1100, Peter Stewart

>> >Some time ago I was infected with the back orifice virus which was
>> >detected with Norton's Antivirus AFTER a definitions update was
>> >installed.  Nortons was unable to repair the files and at the time the
>> >"fix" program was not available, so I called an expert to come and he
>> >simply deleted the two files from my computer.  Everything seems OK now
>> >but the windows update feature goes only to a blank screen - can this be
>> >related ?  What do the files do ?  Can I get them from someone and
>> >simply replace uninfected copies into the windows/system directory ?
>> >Please reply

 
 
 

back orifice - files msl12.dll & windll.dll

Post by Carlos Pfitzn » Fri, 05 Feb 1999 04:00:00


To delete the (blank).EXE
just  enter from DOS     DEL     "       .EXE"      (with the " in)
You urge to change ALL your passwords,          <-----------------------
even  the ones that are not stored on your HD.  <-----------------------
To be sure you does not have it yet,
when connected to internet, open a DOS box
and type NETSTAT -AN
look for any suspicious port "listening"
The usual port of Back Orifice is 31337 UDP
but it may be configured to use other ports as well
If you has been connected on Internet with BO installed for more than half
hour probably someone has already scanned your HD and stolen all yr PW's
inclusively the ones you typed on keyboard while offline.
Special care with bank account/credit card,  and similar.
I had activated  port 31337 UDP on my ID and I am logging at least 3 try's
to connect on my port, every day ... (and I'm not yet 24h/day online)

Your Windows Update problems probably are not related to this trojan
BO was made to not interfere with anything, so the user does not notice it.
Try Deleting MSDONWLD.TMP cleaning or deleting "Temporary Internet files"
Cleaning "History Files" ...

                Carlos Pfitzner  



Quote:>Some time ago I was infected with the back orifice virus which was
>detected with Norton's Antivirus AFTER a definitions update was
>installed.  Nortons was unable to repair the files and at the time the
>"fix" program was not available, so I called an expert to come and he
>simply deleted the two files from my computer.  Everything seems OK now
>but the windows update feature goes only to a blank screen - can this be
>related ?  What do the files do ?  Can I get them from someone and
>simply replace uninfected copies into the windows/system directory ?
>Please reply

 
 
 

1. missing dll files: CFGMGR32.DLL & powrprof.dll

Hello and thanks to anyone that can help, my OS is Windows
98 SE and I keep getting the error message upon startup
that I am missing these two dll files:
CFGMGR32.DLL:CM_Get_Log_Conf_Priority & powrprof.dll. Is
there any way to re-obtain these files? And how would I
find that access? Thanks in advance to all.
Tony V.

2. Mitsushita CD-562-B and SBAWE32?

3. QuickPrint missing files: oleacc.dll & pci.dll

4. How to Restart a Failed MSDN Download (VS.NET)

5. msi.dll riched20.dll SPOOLSS.DLL Manufacturer

6. Reini Urban

7. URLMON.DLL, MSHTML.DLL, KERNEL32.DLL problems

8. Imation SuperDisk LS-120 (External Parallel Port)

9. missing DLL file--INETCLNT.DLL, IPROF32.DLL

10. URLMON.DLL / MSHTML.DLL / KERNEL32.DLL

11. msvcrt40.dll msvcrt40.dll mfc40.dll

12. msvcrt.dll & msvcirt.dll HELP!!

13. Missing msdaps.dll & msadrh15.dll