Trojan Problem

Reply

  #1  
Old 03-03-08, 05:49 AM
Member
Thread Starter
Join Date: Oct 2005
Location: cheverly, maryland
Posts: 152
Received 0 Votes on 0 Posts
Trojan Problem

Hi Guys,

I recently replaced my hard drive and reinstalled XP. However, after copying my data files from the old drive, a virus scan made me realize that I may have transferred a Trojan onto the new drive.
I had caught a Trojan on my source drive and deleted it but it must have infected the drive before I was able to delete it because I see a notification for a changed 'Shell32.dll' file when I run AVG Virus scan on it as well as the fact that a porn home page pops up when I open Internet Explorer. I now have the same situation on the new drive. I have done a virus scan but the drives keep coming up clean.

So here is my question. Is there a way to overwrite the 'Shell32.dll' file with a clean copy of it? And will that fix the problem? Exactly how do Trojans operate anyway?

Thanks,

Mo
 
Sponsored Links
  #2  
Old 03-03-08, 08:22 AM
John Whorfin's Avatar
Member
Join Date: May 2005
Location: CT
Posts: 170
Received 0 Votes on 0 Posts
That will not fix the problem, you most likely have a different file infected and the infected file is the one that is overwriting the shell32dll.

Each virus, Trojan, etc. is different, they all have their own purposes and each has a different fix.

If you got a virus/Trojan warning, note the name of virus/Trojan and then do some Google searching on it.

Make sure you have the correct variant, but you will find pages on what it is and how to fix it.


Also what virus software are you using? Is it up to date? There are some online scans that can be done, but honestly I have not kept up to date on which are good and which are bad. Many of the newer Trojans/Viruses are made to disable certain virus scan applications.
 
  #3  
Old 03-03-08, 08:55 AM
Member
Join Date: Aug 2007
Posts: 304
Received 0 Votes on 0 Posts
Make sure you disable system restore when doing virus scans. Viruses can hide out there.

Also, if you can, go to the trend micro website and use their free online scanner to check for viruses.

If you're machine seems to far gone, it may be better to wipe and reload to prevent further infestation to other machines/files. Just be sure to scan any file you copy over (obviously).
 
  #4  
Old 03-03-08, 10:12 AM
Member
Thread Starter
Join Date: Oct 2005
Location: cheverly, maryland
Posts: 152
Received 0 Votes on 0 Posts
I always scan periodically (I use AVG) and I always keep AVG up to date. I had noticed that my PC was abnormally sluggish so I immediately suspected a virus but a scan turned up nothing. Then I accidentally noticed one new file which seemed suspicious, so I ran a scan on that one file only and, Bingo!, it kicked out as being a Trojan.
Stupid me, I totally forgot to make a note about its details as I was in such a hurry to get rid of it. So now it looks like I'll have to try using a different Virus program and hope it will nail the infected file.
Also, if I set up the infected drive as a slave, can I safely scan it or will the virus migrate over to the new master?

Thanks,

Mo
 
  #5  
Old 03-03-08, 10:32 AM
Banned. Rule And/Or Policy Violation
Join Date: Nov 2007
Posts: 504
Received 0 Votes on 0 Posts
It can/will propagate to any drives in the system.


Using just one virus scanner will not find everything. You need to run multiple virus and malware scanners to find them all.
Go to http://www.ubcd4win.com and download the ubcd4win file. It is an .iso image of a boot/tool CD. Burn the CD, boot with it, and run ALL the virus and malware scanners. You can do this with just the old (secondary) drive in the computer. Since the computer is booting off the CD, none of the normal OS files will be loaded into memory.

Also, get ccleaner at http://www.ccleaner.com and run it after you use ubcd4win.
 
  #6  
Old 03-11-08, 08:44 AM
Member
Thread Starter
Join Date: Oct 2005
Location: cheverly, maryland
Posts: 152
Received 0 Votes on 0 Posts
Hi again,

I ran Acronis and it gave me a list of 'malware'. It's the trial version so it doesn't allow me to fix the problem. Some items on the list were Registry items and a few were 'C' drive Windows downloaded program files.

But here is my question. When I tried to view the Windows downloaded program files it had listed, they did not show up in 'MyComputer'.
They show up on the Acronis list when I run it, but not on Ad-Aware, Hijack This, or Spy Doctor. Also not on AVG or Avast.
Is there a way to access them in 'MyComputer' or someplace else?

Thanks,

Mo
 
Reply

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
Display Modes
 
Ask a Question
Question Title:
Description:
Your question will be posted in: