
Trojan Help

post #1 of 20
Thread Starter 
It's not a very good morning for me today. I have been fighting this virus for 2 days now. Thank goodness you are back up now.

As you can see I found the culprit and have tried a number of things to get rid of it.
1st:
Ran Spy Sweeper, found and deleted the Trojan.
2nd:
Found registry entry and deleted.
3rd:
Ran Ad-Aware with no results
4th:
Ran Norton's Spy Ware scanner with no results.
5th:
Manually removed ((deleted)) file from Registry and Common file folder.
6th:
Ran McAfee with no results.


Now the thing is, when I reboot, the freaking thing loads back up.

Any suggestions from my fellow O/C'rs?
Now I must go to work now but I will be checking to see what other options you can give me on this!




post #2 of 20
Try doing all that in safe mode. Also run disk cleanup in safe mode, that's gotten rid of a few of my problems with spyware.

EDIT: I googled ns18.dll and NSIS and it seems that stuff comes from Nullsoft? Do you use Winamp? It may not be a trojan but a backdoor for Winamp (hey it is AOL...never know)
post #3 of 20
Grisoft.com

DL AVG free version, I have the pro network version and it cleans up anything I have.

If anything else, you need to just save files you know are good and reformat, otherwise it will corrupt your files.
post #4 of 20
Thread Starter 
At work now, but can you provide a link to this software you are referring to?

Sorry, forgot to mention, I did load up in safe mode and ran all of the above and still no luck.
post #5 of 20
AVG Free

I use the same thing Ozzi, it's great! Catches more than Norton or McAfee. It even works with Vista 5600.
post #6 of 20
May it be the preferred "Safe Mode" do set your "Auto Recovery" to Disable before going into safe mode. That Trojan may be resident in the BU files which may need to be deleted.
    
post #7 of 20
Turn off system restore, then boot in safe mode. First try just deleting it, then whether it does or doesn't delete, still run everything all over again. I would recommend AVG for an antivirus scan.
http://free.grisoft.com/freeweb.php/doc/2/
post #8 of 20
Thread Starter 
Quote:
Originally Posted by Modki
AVG Free

I use the same thing Ozzi, it's great! Catches more than Norton or McAfee. It even works with Vista 5600.
Will give it a try tonight. ((thanks))


Quote:
Originally Posted by OzziKing
Grisoft.com

If anything else, you need to just save files you know are good and reformat, otherwise it will corrupt your files.
Don't want to reformat again


Quote:
Originally Posted by The Duke
May it be the preferred "Safe Mode" do set your "Auto Recovery" to Disable before going into safe mode. That Trojan may be resident in the BU files which may need to be deleted.
I did disable recovery and booted in safe mode and ran Spy Sweeper and Ad-Aware. It still catches it and deletes it. I even manually deleted file from C, and it still came back after booting.

Quote:
Originally Posted by Sin100
Turn off system restore, then boot in safe mode. First try just deleting it, then whether it does or doesn't delete, still run everything all over again. I would recommend AVG for an antivirus scan.
http://free.grisoft.com/freeweb.php/doc/2/

Thanks for the link.

Thanks for all the info, I will try all suggestions again, because I really don't want to have to reformat.
Although it's fun, it's just a hassle.
post #9 of 20
Thread Starter 
I'm <////////=] guys,

I have done all that was suggested and more. From what I have read this is an unrecoverable virus which requires a reformat to get rid of it.

I've tried all of the suggestions above and it keeps loading itself at boot up.

Please any more suggestions?
post #10 of 20
Do you know the exact name of the problem? If so, google it and you may find links to "HiJackthis" posts on the issue. Some Trojans require a specific utility to remove them.
    