Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan/backdoor?


  • Please log in to reply
No replies to this topic

#1 thenile

thenile

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:21 AM

Posted 28 April 2014 - 04:07 AM

The OS is Vista. My mum uses the system. She uses Internet Explorer and isn't good with computers.

 

It keeps making a temporary file in C:\ProgramData which Avira is blocking, it seems to only try once every startup though. Through Process Explorer, I see it creates an instance of dllhost.exe which keeps about 15 instances of dllhost.exe running, eating up CPU. I can suspend the spawner. No other processes are really suspicious. I noticed some fishy processes and dialer.exe came up the first time I restarted in the task explorer, later looked in the Event Viewer and found something added security certificates, something to do with "result of Windows Right", something with telnet (all next to each other). Also, it changes my IE settings so I cannot download anything without resetting the security options.

 

I checked the Avira detection history and found a lot of malware and trojan detections with different names :(

 

Edit: Think I got rid of it...My paranoia is depleting.


Edited by thenile, 28 April 2014 - 06:50 AM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users