Solved Trojan found

Nikilet

Member
I am writing on behalf of a friend who has Windows XP on an HP desk top computer approximately 2 years old. She uses SecureIt Plus provided through her ISP.

She was cleaning up her computer, deleting old cards she had made and also information she had saved from emails. These files were duplicating themselves within her trash bin; she had over 100 files in there and couldn't delete any of them.

I told her to try scanning with her free spyware programs and it was either SUPERAntispyware or Malwarebytes that found TROJAN.AGENT/GEN, in addition to some adware items. After she ran these she was able to empty her trash bin but said it still reported a dll file which couldn't be deleted, although this file does not show up in the trash bin. She can't restore the file because it doesn't show. But even if she could, would she then be restoring this trojan if in fact it was located within this dll?

I know she would never have placed a dll file in her trash, so the only thing I can think of is that the trojan was found within that dll file and that's how it got into the trash.

However, I don't know about Malwarebytes, but I don't think SUPERAntispyware deletes files. I think it only quarantines them. So how would it have gotten into the trash? Is there any way to clean this dll file? Is there any way to make it actually show up in the trash can?

I know this is a lot of questions. Can anyone help?
 

My Computer

System One

  • Manufacturer/Model
    Dell DXP061
    CPU
    1.87 gigahertz Intel Core 2 Duo
    Memory
    4 GB
    Sound Card
    High Definition Audio Device
    Monitor(s) Displays
    NVIDIA GeForce 7300 LE DELL E207WFP [Monitor] 20"
    Screen Resolution
    1280x800
    Hard Drives
    SAMSUNG HD321KJ [Hard drive] (320.07 GB)
    Internet Speed
    DSL
    Other Info
    Avast Internet Security 7 / Malwarebytes Pro / WinPatrol Plus / Secunit PSI /
Do you have the name of the dll file?


The recycle bin may have been corrupted, you can follow this tutorial on deleting the recycle bin to possibly fix the corruption.

After that, I would run an elevated sfc/scannow to see if it can replace any missing or corrupted system files.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
I have emailed my friend and asked her if she can give me a full description of the dll file. I will get back to you.

I am going to check out the links you gave me for the trash bin, but she was able to empty it, except for this dll file, after she scanned.
 

My Computer

System One

  • Manufacturer/Model
    Dell DXP061
    CPU
    1.87 gigahertz Intel Core 2 Duo
    Memory
    4 GB
    Sound Card
    High Definition Audio Device
    Monitor(s) Displays
    NVIDIA GeForce 7300 LE DELL E207WFP [Monitor] 20"
    Screen Resolution
    1280x800
    Hard Drives
    SAMSUNG HD321KJ [Hard drive] (320.07 GB)
    Internet Speed
    DSL
    Other Info
    Avast Internet Security 7 / Malwarebytes Pro / WinPatrol Plus / Secunit PSI /
Ok, but I deleted my post since I realized it was for XP, which wouldn't be the same instructions for a corrupt recycle bin. I undeleted it since you already saw it. lol
You can try searching for how to fix a corrupt recycle bin in XP if you like, but I see you say it's alright?
But she could type sfc/scannow in the Start menu -run box in XP.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Yes, I noticed right away that the links were for Vista. I did look up the scf/scannow instructions for XP.

I would worry about her deleting the trash bin completely because of this dll file that is supposedly in there so won't go there for now.

Thing that has me puzzled is that I think it was SUPERAntispyware that found and took care of this trojan. I use that myself and I don't see that it has ever "removed" any files. It always puts them in quarantine and then I go into my C drive and delete them. But again, in her case if she deletes these files and this trojan was found within a dll file she'll be in trouble, won't she?
 

My Computer

System One

  • Manufacturer/Model
    Dell DXP061
    CPU
    1.87 gigahertz Intel Core 2 Duo
    Memory
    4 GB
    Sound Card
    High Definition Audio Device
    Monitor(s) Displays
    NVIDIA GeForce 7300 LE DELL E207WFP [Monitor] 20"
    Screen Resolution
    1280x800
    Hard Drives
    SAMSUNG HD321KJ [Hard drive] (320.07 GB)
    Internet Speed
    DSL
    Other Info
    Avast Internet Security 7 / Malwarebytes Pro / WinPatrol Plus / Secunit PSI /
Well if it did delete some dll, it would depend on the dll as to the severity of problems she would have after it was gone, yeah. But most likely, it would be important to have it replaced.

But it's possible that if she runs sfc/scannow, it can replace the dll. If for some reason it can not, she may need the XP disk to replace the file.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
My friend got back to me and all she said is that although there is nothing showing in her recycle bin, when she clicks to empty it she gets a pop up telling her that she can not remove dlls.

Now that she can empty her recycle bin (except for this mysterious dll) she seems to have lost interest in finding out what has happened and carrying through with this so I will thank you for your answer and close this subject.
 

My Computer

System One

  • Manufacturer/Model
    Dell DXP061
    CPU
    1.87 gigahertz Intel Core 2 Duo
    Memory
    4 GB
    Sound Card
    High Definition Audio Device
    Monitor(s) Displays
    NVIDIA GeForce 7300 LE DELL E207WFP [Monitor] 20"
    Screen Resolution
    1280x800
    Hard Drives
    SAMSUNG HD321KJ [Hard drive] (320.07 GB)
    Internet Speed
    DSL
    Other Info
    Avast Internet Security 7 / Malwarebytes Pro / WinPatrol Plus / Secunit PSI /
Ok, thanks for posting back Nikilet.
 

My Computer

System One

  • Manufacturer/Model
    Airbot 2.0
    CPU
    Core i7 920 (D0) @ 4Ghz, 26c idle- 65c full load on air
    Motherboard
    Asus P6X58D Premium -Sata 6Gb/s - USB 3.0
    Memory
    12GB Corsair Dominator -CMD12GX3M6A1600C8
    Graphics Card(s)
    EVGA Nvidia GTX 480 -Fermi
    Sound Card
    ASUS Xonar D2X
    Monitor(s) Displays
    LG 24" Flatron W2453V-PF Full HD 1080p 2ms response time
    Screen Resolution
    1920x1080@60hz
    Hard Drives
    1 OCZ Vertex2 180GB SSD
    1 TB Samsung Spinpoint F1 7200RPM 32MB cache
    2 500GB WD Caviar Blacks 7200RPM 32MB cache (WD5001AALS)

    Pioneer DVD Burner DVR-S18M
    PSU
    Corsair HX1000W
    Case
    Cooler Master HAF 932
    Cooling
    Case Fans -3 230mm, 1 140mm/CPU - Tuniq Tower 120 Extreme
    Keyboard
    Logitech Wireless MK700
    Mouse
    Logitech Wireless MK700
    Internet Speed
    100 MBPS DL 30.17Mbps UL 0.98Mbps
    Other Info
    Windows 7
    Processor-7.7 RAM- 7.9 Graphics-7.9 Gaming Graphics- 7.9 HDD- 7.8

    W.E.I final score= 7.7

    Windows Vista=5.9
Back
Top