Keylogger.Trojan

Discussion in 'Windows XP Security' started by Guest, May 18, 2005.

  1. Guest

    Guest Guest

    Hi.... I need help here... Yesterday, when I turned on my PC, I got pop up
    from Norton Anti Virus 2003 that C:\Windows\System32\mdmm.dll infected by
    Keylogger.Trojan and NAV can't clean it also access to the file is denied. I
    already try turn off system restore, delete all cookies and temp. files.
    Restart my PC in safe mode then using housecall.trendmicro complete scan,
    Spybot S&D, TSD-3. Nothing can clean the trojan.
    But, trendmicro detected the trojan in C:\Windows\System32\explorer.dll (
    same with McAfee ) and not in mdmm.dll... How can this happen ? Anybody can
    help me how to clean this trojan ? Thanks in advance. Oh, anyway im using
    WinXP Home Edition SP2

    Hid
     
    Guest, May 18, 2005
    #1
    1. Advertisements

  2. Unexplained computer behavior may be caused by deceptive software
    http://support.microsoft.com/?­id=827315

    Download Ad-aware SE and scan your PC for the presence of sp­yware:
    http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

    Symantec Security Check
    http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym&plfid=23&pkj=YVXRORVWHFHMFNZMBBX

    Microsoft Windows AntiSpyware
    http://www.microsoft.com/downloads/...a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en

    Utilize the following maintenance programs, at least monthly,
    to maintain the optimum performance of Windows XP:

    Description of the Disk Cleanup Tool in Windows XP
    http://support.microsoft.com/default.aspx?scid=kb;en-us;310312&Product=winxp

    How to Perform Disk Error Checking in Windows XP
    http://support.microsoft.com/default.aspx?scid=kb;en-us;315265&Product=winxp

    HOW TO: Analyze and Defragment a Disk in Windows XP
    http://support.microsoft.com/default.aspx?scid=kb;en-us;305781&Product=winxp

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    Get Windows XP Service Pack 2 with Advanced Security Technologies:
    http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

    -------------------------------------------------------------------------------------------

    "ImNewb" wrote:

    | Hi.... I need help here... Yesterday, when I turned on my PC, I got pop up
    | from Norton Anti Virus 2003 that C:\Windows\System32\mdmm.dll infected by
    | Keylogger.Trojan and NAV can't clean it also access to the file is denied. I
    | already try turn off system restore, delete all cookies and temp. files.
    | Restart my PC in safe mode then using housecall.trendmicro complete scan,
    | Spybot S&D, TSD-3. Nothing can clean the trojan.
    | But, trendmicro detected the trojan in C:\Windows\System32\explorer.dll (
    | same with McAfee ) and not in mdmm.dll... How can this happen ? Anybody can
    | help me how to clean this trojan ? Thanks in advance. Oh, anyway im using
    | WinXP Home Edition SP2
    |
    | Hid
     
    Carey Frisch [MVP], May 18, 2005
    #2
    1. Advertisements

  3. From: "ImNewb" <>

    | Hi.... I need help here... Yesterday, when I turned on my PC, I got pop up
    | from Norton Anti Virus 2003 that C:\Windows\System32\mdmm.dll infected by
    | Keylogger.Trojan and NAV can't clean it also access to the file is denied. I
    | already try turn off system restore, delete all cookies and temp. files.
    | Restart my PC in safe mode then using housecall.trendmicro complete scan,
    | Spybot S&D, TSD-3. Nothing can clean the trojan.
    | But, trendmicro detected the trojan in C:\Windows\System32\explorer.dll (
    | same with McAfee ) and not in mdmm.dll... How can this happen ? Anybody can
    | help me how to clean this trojan ? Thanks in advance. Oh, anyway im using
    | WinXP Home Edition SP2
    |
    | Hid

    There are anti virus News Groups specifically for this type of discussion.

    microsoft.public.scripting.virus.discussion
    microsoft.public.security.virus
    alt.comp.virus
    alt.comp.anti-virus

    First try the following....

    Dump the contents of the IE Temporary Internet Folder cache (TIF)
    Start --> Settings --> Control Panel --> Internet Options --> Delete Files

    Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
    Tools --> Options --> Privacy --> Cache --> Clear


    Reboot your PC into Safe Mode and shutdown as many applications as possible.
    It would also help for you to read - "How to perform a clean boot in Windows XP"
    http://support.microsoft.com/kb/310353

    Using your NAV software, perform a Full Scan of your platform and clean/delete any infectors
    found


    If that doesn't work please perform the following...

    Download CLEAN.EXE from the URL --
    http://www.ik-cs.com/programs/virtools/clean.exe

    It is a self-extracting ZIP file that contains the Kixtart Script Interpreter
    { http://kixtart.org Kixtart is CareWare } three batch files, two Kixtart scripts, two Link
    (.lnk) files and a PDF instruction file.

    GETFILES.BAT -- For downloading (FTP) the files needed to run the McAfee Command Line
    Scanner. If you are using Windows XP, you may have to disable the Windows XP FireWall to
    allow the FTP utility to download the needed files

    CLEAN.BAT -- For running within Windows after running c:\mcafee\GetFiles.BAT. If you choose
    to scan again at a future date, run this batch file. It will automatically check the date
    of the McAfee DAT files and if it is a couple of days old, it will download (FTP) the latest
    signature files and install them before performing the scan.

    DOSCLEAN.BAT -- For use on a Win9x/ME PC or on a Win2K/WinXP PC that is using FAT32 after
    you have booted from an Emergency Boot Disk or DOS disk and have already executed;
    c:\mcafee\GetFiles.BAT from within Windows. DOS disk boot images can be obtained from;
    http://www.bootdisk.com/bootdisk.htm

    I need you to perform the following...

    Execute; CLEAN.EXE
    Choose; Unzip
    Choose; Close

    Execute; c:\mcafee\GetFiles.BAT
    { or Double-click on 'GetFiles Link' in c:\mcafee }

    Reboot the PC into Safe Mode [F8 key during boot]

    Shutdown as many applications as possible !
    It would also help for you to read - "How to perform a clean boot in Windows XP"
    http://support.microsoft.com/kb/310353

    Execute; c:\mcafee\CLEAN.BAT
    { or Double-click on 'Clean Link' in c:\mcafee }

    A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
    end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
    It is suggested that you move the report out of c:\mcafee before performing another scan.
    It would be a good idea to scan in Safe Mode and in Normal Mode and save a copy of the HTML
    report for each session.


    * * * Please report back your results * * *

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, May 18, 2005
    #3
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jan vee

    safe from keylogger

    jan vee, Aug 25, 2003, in forum: Windows XP Security
    Replies:
    1
    Views:
    220
  2. acer

    free anti-keylogger

    acer, Jan 10, 2004, in forum: Windows XP Security
    Replies:
    1
    Views:
    220
  3. Jeffrey Su

    Keylogger.

    Jeffrey Su, Feb 4, 2004, in forum: Windows XP Security
    Replies:
    1
    Views:
    197
    Pegasus \(MVP\)
    Feb 4, 2004
  4. Guest

    HELP: Trojan keylogger virus

    Guest, Mar 17, 2005, in forum: Windows XP Security
    Replies:
    2
    Views:
    355
    David H. Lipman
    Mar 17, 2005
  5. Keylogger trojan question

    , Aug 3, 2005, in forum: Windows XP Security
    Replies:
    2
    Views:
    178
    David H. Lipman
    Aug 3, 2005
Loading...

Share This Page