Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware/trojan Removal...


  • Please log in to reply
4 replies to this topic

#1 LIBRA73M

LIBRA73M

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 14 April 2008 - 05:25 AM

Hello ICT Experts!

Unfortunately my PC acquired a very annoying virus (probably a trojan horse) that upon opening folders, files, windows, etc. pops up a warning window stating the following:

System Error!

Your system was infected by dangerous trojan.
Note: Your critical files can be lost!

Click OK to download the antimalware application to clean your system! (Recommended)

OK Cancel

Also, upon every searching on Google using any kind of term the following message appears within the first few results:

Error!

Your browser was hijacked! Some results was changed by porn advertising!
You need to clean your system immediately to prevent it.Download the
newest antispyware software!

I have already followed the process of trojans' removal as suggested on:

http://www.avtc.org/how-to-remove-trojan-general.html

I used the free updated 2007 version of Lavasoft's Ad-Aware and Eset's NOD32 (updated though not the full version) Antivirus System but to no avail.

Have you come across with this trojan/virus?

Can you please please guide me on what to do next to remove this trojan?

Shall I try to remove it myself or shall I just take my PC to a Servicing Department or call a Technician home?

Should you require more info in order to help me please let me know.

Your help will be greatly appreciated.

Thanks in advance!

LIBRA73M

BC AdBot (Login to Remove)

 


#2 LIBRA73M

LIBRA73M
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 14 April 2008 - 08:58 AM

Can anyonte help me please?

Should you need further info just let me know.

Thanks.

#3 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 14 April 2008 - 10:17 AM

as those instructions also include an HJT log, did your 'work' also include posting an HJT log elsewhere?

which antivirus program DO you have installed? which is your wiindows version
try running these two programs


asquared

http://www.emsisoft.com/en/software/free/

its exe is http://download6.emsisoft.com/a2FreeSetup.exe

and superantispyware http://www.superantispyware.com/superantis...efreevspro.html

the exe for it is http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

you will need to install both, fully update the definitions reboot and run each OFF line from their desktop icons on a full deep scan; they will each produce a report that should give an insight into what has attacked you which you can post back on here for the Experts to examine

try that for starters?

#4 LIBRA73M

LIBRA73M
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 14 April 2008 - 02:06 PM

Dear Ruby1,

My operating system is Windows XP while my anti-virus software is NOD32 though it is not the full version.

i will be back with the log reports.

After having tried Ad-Aware and Spybot I was not successful in removing it. :thumbsup:

Regards,

LIBRA73M

#5 LIBRA73M

LIBRA73M
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:50 PM

Posted 14 April 2008 - 04:44 PM

Ruby1 and All,

NOD32 detected and I manually deleted the following:

File Name: C:\WINDOWS\sofos32x.dll
Threat: Win32/Adware.IeDefender.NCZ application
Info: Event occurred at an attempt to access the file by the application: C:\Program Files\Internet Explorer\iexplore.exe.

Thanks.

LIBRA73M




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users