Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse Dialer.coh


  • Please log in to reply
7 replies to this topic

#1 throwthisaway

throwthisaway

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 22 November 2006 - 10:12 PM

Well, I'd like to start by saying I've tried everything. I've ran AVG 7.5 and Anti-Spyware in Safe Mode as well as Ad-Aware SE Professional, and I'm halfway through a Trend Micro Housecall.

It seems that this file infects a new file in my Windows folder hourly, and I want to get rid of the problem ASAP for that very reason. If it infects the wrong file, well, I'm hopeless.

I'd like to ask for help. I've tried Google, and found a few of the files in Hijackthis;

O2 - BHO: (no name) - {599C78D2-2295-222A-0200-069E6F1163CB} - C:\WINDOWS\system32\dxzhuah.dll (file missing)
O2 - BHO: (no name) - {5EEC9A0D-9761-E68B-A99A-07735A746CA4} - C:\WINDOWS\system32\ckceqf.dll (file missing)
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\ljjihfc.dll (file missing)
O20 - Winlogon Notify: ljjihfc - ljjihfc.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)


Is there anything else I can remove?

Here's a screenshot:

Posted Image

BC AdBot (Login to Remove)

 


#2 rowal5555

rowal5555

    Just enough info to be armed & dangerous...


  • Members
  • 2,644 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ
  • Local time:12:07 AM

Posted 23 November 2006 - 12:54 AM

I would suggest that you let Microsoft look after its own by running THIS SCAN.

This is repidly becoming the favoured method of cleaning up Windows.

Only click on 'FullServiceScan' (make sure you allow the ActiveX control to run), then find something else to do for a couple of hours or so.

Good luck. Cheers

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure


 


#3 throwthisaway

throwthisaway
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 23 November 2006 - 07:39 AM

Oh, great. I found I can't run Internet Explorer now, as it gets an error.

Someone, anyone. pleeeeeeeease help =/

Posted Image

#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:12:07 PM

Posted 23 November 2006 - 10:58 AM

What happenbs if you click the Debug button??

#5 throwthisaway

throwthisaway
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 23 November 2006 - 12:44 PM

I clicked the Debug, found the .dll file, and deleted it. It worked, IE is now running.

I scanned with the Microsoft link, but the popups are still appearing, saying I have viruses.

#6 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:12:07 PM

Posted 23 November 2006 - 04:09 PM

Go to the safe mode and do an online scan with :

EWIDO
Panda

Post the two reports over here

#7 throwthisaway

throwthisaway
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 23 November 2006 - 05:30 PM

..I can't do online scans with Safe Mode.

I got some help over at Bullguard, I'll see how it goes.

#8 Siggyman

Siggyman

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 24 November 2006 - 12:47 AM

Get Adaware and downlaod it to a flash drive. then run ad aware from the flash dirve and delete the foud files reboot and repeat do this about 5 times this should help
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users