Removal of a couple of Trojan viruses

seligehgit

Hi guys,
Need a bit of help from any technos out there.I was downloading a song from Limeware and it was missing a codec and I was asked if I wished to try playing it with WMP with the missing codec.Stupidly I went on line to retrieve the missing codec and subsequently got a message that I had got 2 Trojan viruses.My Malwarebytes Anti Malware was disabled with an error message coming up,so I downloaded the MAM again and ran a scan of my C drive yesterday.I am not sure if it has removed these Trojan viruses and was just wondering if you guys had any tips for a novice in this area.My laptop works off the Vista operating system.
Ta,
Selig:D

RoadKillTs

Well the first piece of advice would be to stop using Limewire and secondly follow the steps in the sticky.


http://boards.ie/vbulletin/showthread.php?t=2055274237

seligehgit

I tried carrying out Step 1 ak running the Comedian but a Resident Shield Alert is coming up saying there is a threat name called Trojan horse Backdoor SmallX.VX detected on opening with a File name C:\users\seligehgit\AppData\Local\Temp\9EEf.tmp\b2e.dll.I have moved it to the vault in the AVG program and it is coming up that Find String(OGREP) Utility has stopped working and tried in vain to find a solution on line.I have used AVG and Malwarebytes Anti Malware scans to find and erase this trojan but everytime I try opening the Comedian the Trojan appears to mutate i,e. the numbers and letters after \Temp\ change e.g. \Temp\81GD.tmp\b2e.dll.Is there Comedian file itself infected or how on earth do I get rid of annoying and mutating Trojan???Really need some simple instructions to get rid of this Trojan once and for all.
Selig

Bobeagleburger

Hi OP,

Did you get the problem sorted?

It sound like I have the exact same problem as you

ActorSeeksJob

hi

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on.
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

seligehgit

rarnes1 wrote: »

Hi OP,

Did you get the problem sorted?

It sound like I have the exact same problem as you

Yeah I got the problem sorted.In the end I just left it into the local PC shop and they cleaned up the machine.I am still downloading off Limewire but I am very wary about getting any viruses!!!
Regards,:eek:
Selig

xprepairs

I would scrap Limewire and use Frostwire which is free open source as well as spyware free:
http://www.frostwire.com/?id=downloads

One thing to remember, if downloading MP3's, be sure to hover your cursor over the songs and if they display the bitrate or the length of the tune it will be safe to download. If there is nothing when you hover the cursor, it is most likely a virus so DON'T download it.

Good Luck