 |  |  |  |  |  |  |  |
IE/Trojan Problems - Desktop Trojan
 |
Crunchie will probably have some other ideas, but until he gets back to this, try these suggestions:
Get SilentRunners from here:
http://www.silentrunners.org/
Run it, and save the log that it generates.
Get the Pocket Killbox from here:
http://bleepingcomputer.com/files/spyware/KillBox.zip
Unzip the file to your desktop.
Boot into Safe Mode and do a search for these files and delete any instances found (be sure your system is set to Show hidden files and folders):
param32.dll
guninst.exe
popup_bl.dll
systr.dll
svrhost.exe
If you find any of these files, and any could not be deleted, run Pocket Killbox and paste the full file path of file in the box and click on Delete on Reboot. Click on the button with the red circle and an X in the middle; you will get a message saying File will be deleted on next reboot, Process and Reboot now?, Click Yes to reboot. (Note: the 'file path' will be something like C:\WINDOWS\System32\param32.dll)
Reboot normally and delete any icons from your desktop that you did not put there..
Empty your Recycle Bin.
Close any open browser windows, scan with HJT, and post a new log along with the SilentRunners log.
Get SilentRunners from here:
http://www.silentrunners.org/
Run it, and save the log that it generates.
Get the Pocket Killbox from here:
http://bleepingcomputer.com/files/spyware/KillBox.zip
Unzip the file to your desktop.
Boot into Safe Mode and do a search for these files and delete any instances found (be sure your system is set to Show hidden files and folders):
param32.dll
guninst.exe
popup_bl.dll
systr.dll
svrhost.exe
If you find any of these files, and any could not be deleted, run Pocket Killbox and paste the full file path of file in the box and click on Delete on Reboot. Click on the button with the red circle and an X in the middle; you will get a message saying File will be deleted on next reboot, Process and Reboot now?, Click Yes to reboot. (Note: the 'file path' will be something like C:\WINDOWS\System32\param32.dll)
Reboot normally and delete any icons from your desktop that you did not put there..
Empty your Recycle Bin.
Close any open browser windows, scan with HJT, and post a new log along with the SilentRunners log.
Links to help you help yourself :
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
Protect Your PC & Avoid Infections -- http://www.daniweb.com/techtalkforums/thread27519.html
Cleanup Procedures & Tools -- http://www.daniweb.com/techtalkforums/thread27570.html
Infection Removal & HijackThis Use -- http://www.daniweb.com/techtalkforums/thread28196.html
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Keystroke logger infection
- Next Thread: Win 98 machine infected with spyware?
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
acrobat adobe adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial conficker connect control cyber cybercrime cyberwarfare ddos education email europe exam exploit fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone kaspersky legal malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile parents patch pdf phishing police policeprovirusmba-mblockedinternetaccess president pro problem redirect report research risk rogueantivirus rootkit samhain sans search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen threat translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista volume vulnerability war warning windows worm yahoo zero-day zeroday
