Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lmhosts.dll ?


  • Please log in to reply
4 replies to this topic

#1 -=?=-lloyd

-=?=-lloyd

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:34 AM

Posted 27 May 2008 - 01:03 AM

ok so suddenly my computer started going a little slower and has progressed. its not like super slow but i want to stop it in its tracks...


this is my computer

Win XP Pro SP2
ASUS A8N-SLI SE motherboard
AMD Athlon 64 X2 3800+ Dual-Core 2.02 Ghz 2X512 MB cache
3.50 GB installed RAM 2.50 usable
149.9 GB hard drive
nVidia 7600 GT 256MB video card
- 7300 GS SLI configure
- Both PCI-E

HL-DT-ST RW/DVD GCC-4120B dvd-drive
Sony CD-RW CRX216E cd burner


i dont know if most of that is relevant but anyways.

i just want to know if LmHosts.dll is bad and if so how do i remove it?

i only found it because i noticed that i had several more svchost.exe running than usual i.e. 7 compared to my usual of 3 or 4.... they werent there earlier today and i havent downloaded anything until just now. they appeared about 5 o'clock

i have 1 torrent running which has been verified no viruses because several people i know have downloaded it. and the download that i just did was SpeedUpMyPC by Uniblue as suggested by your website.

BC AdBot (Login to Remove)

 


m

#2 rowal5555

rowal5555

    Just enough info to be armed & dangerous...


  • Members
  • 2,644 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ
  • Local time:05:34 AM

Posted 27 May 2008 - 03:18 AM

According to this, it is a trojan. http://www.softwaretipsandtricks.com/dange...lmhostsdll.html

You should run the scans and follow the steps outlined here which will probably fix your problem before you get to the HJT log stage:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Good luck. Post back if you have any problem.

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure


 


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:34 AM

Posted 27 May 2008 - 12:10 PM

Lmhosts.dll is a backdoor Trojan. Backdoor Trojans are very dangerous because they provide a means of accessing a computer system that bypasses security mechanisms and steal sensitive information like passwords, personal and financial data which they send back to the hacker. Remote attackers use backdoor Trojans as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge. Read the Danger: Remote Access Trojans.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the backdoor Trojan has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because the backdoor Trojan has been removed the computer is now secure. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read "When should I re-format? How should I reinstall?" and "Help: I Got Hacked. Now What Do I Do?".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 -=?=-lloyd

-=?=-lloyd
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:34 AM

Posted 27 May 2008 - 01:38 PM

ok so i tried the malware removal tool and couldnt find a LmHost.dll i found a .sam and from researching a little it seems it a microsoft product that control the ip address location on the system....

#5 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:11:34 AM

Posted 27 May 2008 - 01:43 PM

You may want to consider posting in the malware forum, follow the steps to create a HiJackThis log and post it. There is a very good possibility you have a major problem there :thumbsup:

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users