lesser-equity

Magazine
Go Back   Computer Juice > Computer Software > Virus, Spyware & Security

Register


Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

How do I remove it? Is DLLhost an important file? I have Eset Nod32 2.7....


Reply
 
Thread Tools
  #1  
Old 17th Nov 2007, 00:37
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

How do I remove it? Is DLLhost an important file? I have Eset Nod32 2.7.
  #2  
Old 17th Nov 2007, 00:43
Moderator Group
 
Skill Level: Advanced
Posts: 7,136
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Welcome to TCF.

Lets have a closer look.

Download HijackThis to your desktop.
Double-click on the file you just downloaded.
Click on the "Install" button to install.
It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Please do not change the default install location.
Upon install, HijackThis should open for you.

Next click on the "Do a system scan and save a log file" button.
HijackThis will scan and then a log will open in notepad.
In the top left of the notepad window click "File" > "Save As" name it hijackthis and then save it to the Desktop.
Please save the log as a text (.txt) file or .log
Do NOT attach MS-Word .DOC files, they will NOT be looked at!
In your post, add the log as an Attachment.
* Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
** Don't use the Analyse This button. It's findings are dangerous if misinterpreted.

Guide for attaching logs to a post
__________________

  #3  
Old 17th Nov 2007, 00:51
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

is it safe to post this file? I will if you say it is. =] thanks for the help, i just need to save it all. =]
  #4  
Old 17th Nov 2007, 00:55
Moderator Group
 
Skill Level: Advanced
Posts: 7,136
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

There is no personal information in any log I will ask for. We have to be able to see what all is running on the PC to know the right steps to remove it.

Also what program reported the infection?
__________________

  #5  
Old 17th Nov 2007, 00:57
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

When I booted up the computer, Ashampoo FIrewall said that a filter thing hadn't worked or something.
Nod 32 2.7 said I had the virus.
Attached Files
File Type: txt hijackthis.txt (8.0 KB, 13 views)
  #6  
Old 17th Nov 2007, 01:09
Moderator Group
 
Skill Level: Advanced
Posts: 7,136
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Open HijackThis and select "Do a system scan only"

Place a check mark next to these entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - S-1-5-21-299502267-839522115-854245398-1003 Startup: PowerReg Scheduler.exe (User '?')
O4 - Startup: PowerReg Scheduler.exe
O23 - Service: Windows Display Driver - Unknown owner - C:\Program Files\Common Files\Dllhost.exe
O24 - Desktop Component 1: (no name) - http://en.wikipedia.org/


Close all windows and click "Fix checked"

==========

Please download Combofix by sUBs from either here or here

Save Combofix.exe to your your Desktop.

1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter at the prompt)
2. When finished, it will produce a log for you.
3. Attach that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause your computer to stall
__________________

  #7  
Old 17th Nov 2007, 01:36
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Just to let you kno, I hate the program, I don't trust it xD. It kinda delete sys32, which I thought you kinda needed. I probably hate it because it's not GUI, which I trust xD.
Attached Files
File Type: txt log.txt (14.3 KB, 5 views)
  #8  
Old 17th Nov 2007, 01:56
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Hello? I am desperate...
  #9  
Old 17th Nov 2007, 01:58
Moderator Group
 
Skill Level: Advanced
Posts: 7,136
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Takes a minute to look through the logs mate...

Run HijackThis and post a fresh log please.
__________________

  #10  
Old 17th Nov 2007, 02:06
New Member Group
 
Posts: 7
Default C:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan

Ah, sorry. ^^;
What my dad's telling me to do is just scan nod, if it isn't in the system32 folder, which I thought that combofix deleted, I'll delete it, he said. But, we think it's gone.
Attached Files
File Type: txt hijackthis.txt (7.6 KB, 10 views)
Reply

Donate

Register

Bookmarks

Similar Threads
Thread Thread Starter Forum Replies Last Post
Help needed with Trojan.vundo.h (virtumonde) + log files and ss Jasperbak nl Virus, Spyware & Security 32 22nd Jan 2009 05:48
Win 2000Pro has 2 program files directory jensen1328 Windows Operating Systems 2 7th Jun 2008 12:05
Convert .mov (Quicktime) files to .avi files? Kona1984hawaii Multimedia & Codecs 9 3rd Mar 2008 12:58
Re: c:\program files\common files\dllhost.exe infrected with Win32/Hupigon.MN trojan cjd666 Virus, Spyware & Security 3 21st Nov 2007 14:14
Win32.Poison.k Trojan casselle Virus, Spyware & Security 7 22nd Oct 2007 01:28
Thread Tools




Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright ©2006 - 2009 Computer Juice.

Powered by vBulletin® Copyright ©2000 - 2009 Jelsoft Enterprises Ltd. SEO by vBSEO ©2009, Crawlability, Inc.