Guest rbhavsar29 Posted April 11, 2008 Posted April 11, 2008 Hello,:confused: I just bought this new HP laptop several months and now its infected with malware Trojan. A full scan on Windows defender shows that trojan is detected in some of the .dll files. I deleted 2 files on which it said trojan was detected. But next time I scanned on Windows Defender, some other .dll file showed up. Also scan on Bell Sympatico's Anti virus service, it shows no virus or spywares. My laptop is very slow than before, and also internet explorer browsers keep opening and they take me to some random antivirus sites. Please if you could tell me what to do in getting rid of this Trojan and make my laptop run as normal. I would really appreciate it. Thanks in advance. Hope to hear from you guys soon. Rounak [image: http://forums.majorgeeks.com/images/smilies/confused.gif] -- rbhavsar29 Posted via http://www.vistaheads.com Quote
Guest .Joe Posted April 11, 2008 Posted April 11, 2008 rbhavsar29;680095 Wrote: <span style="color:blue"> > Hello,:confused: > I just bought this new HP laptop several months and now its infected > with malware Trojan. A full scan on Windows defender shows that trojan > is detected in some of the .dll files. I deleted 2 files on which it > said trojan was detected. But next time I scanned on Windows Defender, > some other .dll file showed up. Also scan on Bell Sympatico's Anti > virus > service, it shows no virus or spywares. > My laptop is very slow than before, and also internet explorer browsers > keep opening and they take me to some random antivirus sites. > > Please if you could tell me what to do in getting rid of this Trojan > and make my laptop run as normal. I would really appreciate it. > > Thanks in advance. Hope to hear from you guys soon. > > Rounak [image: > http://forums.majorgeeks.com/images/smilies/confused.gif] > > > -- > rbhavsar29 > Posted via 'Microsoft Windows Vista Community Forums - Vistaheads' > (http://www.vistaheads.com)</span> One of the first programs I'd use to rid yourself of the trojan is spybot search and destroy. You can download it here: 'The home of Spybot-S&D!' (http://www.safer-networking.org/en/download/index.html) -- .Joe _[image: http://uswave.net/vistax64/joetmvx64.png] (\"http://www.vistax64.com\")_ _ ::Click_here_for_the_Vista_Forums:: (\"http://www.vistax64.com/index.php?referrerid=17621\")_ _Geekbench_Score:_4050 (\"http://browse.geekbench.ca/geekbench2/view/42901\")_ _CPU-Z_Verified (\"http://valid.x86-secret.com/show_oc.php?id=323179\")_ _ _ Quote
Guest Malke Posted April 11, 2008 Posted April 11, 2008 rbhavsar29 wrote: <span style="color:blue"> > > Hello,:confused: > I just bought this new HP laptop several months and now its infected > with malware Trojan. A full scan on Windows defender shows that trojan > is detected in some of the .dll files. I deleted 2 files on which it > said trojan was detected. But next time I scanned on Windows Defender, > some other .dll file showed up. Also scan on Bell Sympatico's Anti virus > service, it shows no virus or spywares. > My laptop is very slow than before, and also internet explorer browsers > keep opening and they take me to some random antivirus sites. > > Please if you could tell me what to do in getting rid of this Trojan > and make my laptop run as normal. I would really appreciate it.</span> Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2....emoving_Malware Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. Please see the special Notes regarding using Multi_AV in Vista. http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions http://tinyurl.com/yoeru3 - download link and more instructions You can also check to see if there are targeted removal steps for your malware here: Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html When all else fails, get guided help. Choose one of the specialty forums listed at the first link. Register and read its posting FAQ. You will generally be asked to: 1. Download and execute HiJack This! (HJT) - http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe 2. Disable Notepad's word wrap - In Notepad.exe; Format --> uncheck; "Word wrap" 3. Download/run Deckard's System Scanner - http://www.techsupportforum.com/sectools/Deckard/dss.exe 4. Save the scan results (Main.txt and Extra.txt) 5. And then post the contents of Main.txt and Extra.txt in your post at the forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS. Not all tools used will work in Vista and you will need to run them elevated. If you are unable to remove the infection by following the general steps, register at one of the HijackThis forums as suggested. Standard disclaimer: I can't see and test your computer myself, so these are just suggestions based on many years of being a professional computer tech; suggestions based on what you've written. You should not take my suggestions as a definitive diagnosis. If you can't do the work yourself (and there is no shame in admitting this isn't your cup of tea), take the machine to a professional computer repair shop (not your local equivalent of BigComputerStore/GeekSquad). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. If possible, have all your data backed up before you take the machine into a shop. Malke -- MS-MVP Elephant Boy Computers www.elephantboycomputers.com Don't Panic! Quote
Guest Carey Frisch [MVP] Posted April 11, 2008 Posted April 11, 2008 Cleaning a Compromised System http://www.microsoft.com/technet/community...gmt/sm0504.mspx Performing an HP System Recovery in Windows Vista http://h10025.www1.hp.com/ewfrf/wc/generic...&dlc=en&lang=en Windows OneCare: http://onecare.live.com/standard/en-us/default.htm Learn about Windows Live OneCare: http://onecare.live.com/standard/en-us/prodinfo/default.htm -- Carey Frisch Microsoft MVP Windows Desktop Experience - Windows System & Performance --------------------------------------------------------------- "rbhavsar29" wrote: Hello,:confused: I just bought this new HP laptop several months and now its infected with malware Trojan. A full scan on Windows defender shows that trojan is detected in some of the .dll files. I deleted 2 files on which it said trojan was detected. But next time I scanned on Windows Defender, some other .dll file showed up. Also scan on Bell Sympatico's Anti virus service, it shows no virus or spywares. My laptop is very slow than before, and also internet explorer browsers keep opening and they take me to some random antivirus sites. Please if you could tell me what to do in getting rid of this Trojan and make my laptop run as normal. I would really appreciate it. Thanks in advance. Hope to hear from you guys soon. Rounak [image: http://forums.majorgeeks.com/images/smilies/confused.gif] -- rbhavsar29 Posted via http://www.vistaheads.com Quote
Guest robinb Posted April 11, 2008 Posted April 11, 2008 also try installing superantispyware you can pick up the free version at http://superantispyware.com this program goes into the root of windows and gets rid of trojans very well robin "rbhavsar29" <rbhavsar29.37pio2@no-mx.forums.vistaheads.com> wrote in message news:rbhavsar29.37pio2@no-mx.forums.vistaheads.com...<span style="color:blue"> > > Hello,:confused: > I just bought this new HP laptop several months and now its infected > with malware Trojan. A full scan on Windows defender shows that trojan > is detected in some of the .dll files. I deleted 2 files on which it > said trojan was detected. But next time I scanned on Windows Defender, > some other .dll file showed up. Also scan on Bell Sympatico's Anti virus > service, it shows no virus or spywares. > My laptop is very slow than before, and also internet explorer browsers > keep opening and they take me to some random antivirus sites. > > Please if you could tell me what to do in getting rid of this Trojan > and make my laptop run as normal. I would really appreciate it. > > Thanks in advance. Hope to hear from you guys soon. > > Rounak [image: > http://forums.majorgeeks.com/images/smilies/confused.gif] > > > -- > rbhavsar29 > Posted via http://www.vistaheads.com > </span> Quote
Guest SG Posted April 12, 2008 Posted April 12, 2008 I'll second that advice, if fact I like the free version so well I bought the Professional. IMO it is one of the best and can detect and remove over 1 million pests and threat components. -- All the best, SG Is your computer system ready for Vista? https://winqual.microsoft.com/hcl/ "robinb" <robinbk9_nospam@msn.com> wrote in message news:22583D05-3FAF-46BC-82B5-CB273FC522C6@microsoft.com...<span style="color:blue"> > also try installing superantispyware > you can pick up the free version at http://superantispyware.com > this program goes into the root of windows and gets rid of trojans very > well > robin > "rbhavsar29" <rbhavsar29.37pio2@no-mx.forums.vistaheads.com> wrote in > message news:rbhavsar29.37pio2@no-mx.forums.vistaheads.com...<span style="color:green"> >> >> Hello,:confused: >> I just bought this new HP laptop several months and now its infected >> with malware Trojan. A full scan on Windows defender shows that trojan >> is detected in some of the .dll files. I deleted 2 files on which it >> said trojan was detected. But next time I scanned on Windows Defender, >> some other .dll file showed up. Also scan on Bell Sympatico's Anti virus >> service, it shows no virus or spywares. >> My laptop is very slow than before, and also internet explorer browsers >> keep opening and they take me to some random antivirus sites. >> >> Please if you could tell me what to do in getting rid of this Trojan >> and make my laptop run as normal. I would really appreciate it. >> >> Thanks in advance. Hope to hear from you guys soon. >> >> Rounak [image: >> http://forums.majorgeeks.com/images/smilies/confused.gif] >> >> >> -- >> rbhavsar29 >> Posted via http://www.vistaheads.com >></span> > </span> Quote
Guest loves brad Posted October 2, 2008 Posted October 2, 2008 "rbhavsar29" wrote: <span style="color:blue"> > > Hello,:confused: > I just bought this new HP laptop several months and now its infected > with malware Trojan. A full scan on Windows defender shows that trojan > is detected in some of the .dll files. I deleted 2 files on which it > said trojan was detected. But next time I scanned on Windows Defender, > some other .dll file showed up. Also scan on Bell Sympatico's Anti virus > service, it shows no virus or spywares. > My laptop is very slow than before, and also internet explorer browsers > keep opening and they take me to some random antivirus sites. > > Please if you could tell me what to do in getting rid of this Trojan > and make my laptop run as normal. I would really appreciate it. > > Thanks in advance. Hope to hear from you guys soon. > > Rounak [image: > http://forums.majorgeeks.com/images/smilies/confused.gif] > > > -- > rbhavsar29 > Posted via http://www.vistaheads.com > > </span> Quote
Guest Paul Montgumdrop Posted October 3, 2008 Posted October 3, 2008 loves brad wrote:<span style="color:blue"> > > "rbhavsar29" wrote: > <span style="color:green"> >> Hello,:confused: >> I just bought this new HP laptop several months and now its infected >> with malware Trojan. A full scan on Windows defender shows that trojan >> is detected in some of the .dll files. I deleted 2 files on which it >> said trojan was detected. But next time I scanned on Windows Defender, >> some other .dll file showed up. Also scan on Bell Sympatico's Anti virus >> service, it shows no virus or spywares.</span></span> Malware such as a Trojan and others such malware can fool the detection software. Or it could be a zero day exploit, never seen before, and the detection software cannot detect it. <span style="color:blue"><span style="color:green"> >> My laptop is very slow than before, and also internet explorer browsers >> keep opening and they take me to some random antivirus sites. >> >> Please if you could tell me what to do in getting rid of this Trojan >> and make my laptop run as normal. I would really appreciate it.</span></span> You have to use the proper tools like Process Explorer that will let you look at processes, because the culprit can be piggy-backing of off a legit process and is hiding itself. The information in the link shows you what Process Explorer will show you, which you will go to menu/view so that you match the screen in the example. You can right-click a line in the upper or lower pane and go to Properties. <http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html> <http://technet.microsoft.com/en-us/sysinternals/default.aspx> Active Ports doesn't work on Vista use Current Ports. http://www.nirsoft.net/utils/cports.html If Svchost.exe or Dllhost32.exe are not running out of C:\Windows\System32, then they are Trojans. Quote
Guest Frank Saunders MS-MVP IE,OE/WM Posted October 4, 2008 Posted October 4, 2008 "loves brad" <loves brad@discussions.microsoft.com> wrote in message news:09DD6DFD-79FF-4AD5-A46C-BB355112B7D2@microsoft.com...<span style="color:blue"> > > "rbhavsar29" wrote: ><span style="color:green"> >> >> Hello,:confused: >> I just bought this new HP laptop several months and now its infected >> with malware Trojan. A full scan on Windows defender shows that trojan >> is detected in some of the .dll files. I deleted 2 files on which it >> said trojan was detected. But next time I scanned on Windows Defender, >> some other .dll file showed up. Also scan on Bell Sympatico's Anti virus >> service, it shows no virus or spywares. >> My laptop is very slow than before, and also internet explorer browsers >> keep opening and they take me to some random antivirus sites. >> >> Please if you could tell me what to do in getting rid of this Trojan >> and make my laptop run as normal. I would really appreciate it. >> >> Thanks in advance. Hope to hear from you guys soon. >> >> Rounak [image: >> http://forums.majorgeeks.com/images/smilies/confused.gif]</span></span> Do a thorough check for malware, following all of the steps at one of these Web pages. Help with malware: All MS-MVP Sites. http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://www.elephantboycomputers.com/page2....emoving_Malware http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/darnit.html http://www.mvps.org/sramesh2k/Malware_Defence.htm Unexplained computer behavior may be caused by deceptive software. http://support.microsoft.com/kb/827315 So How Did I Get Infected Anyway? For quite a few people it's by installing programs like Messenger Plus, whose ads for malware don't identify the malware as such and try to convince you that you owe it to the author. See also: http://www.wilderssecurity.com/showthread.php?t=27971 Don't ever do a "default" install of anything. Always choose Custom and see what else is being carried along. Don't install any extras you're not sure of. -- Frank Saunders MS-MVP IE,OE/WM Do not reply with email Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.