Trojan in Win.32 driver folder
Last response: in Windows XP
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
This trojan is called
Win32.Benuti.K!downloader
This is where the virus is loacated
C:\WINDOWS\system32\drivers\
This is the file name That is located on my C drive.
bqjguhld.sys
My anti virus does not find this when it dose a scan. It only finds it in
real time when I click on Internet explorer to go on line. My anti virus
pops up a window giving me all the information and says it has deleted it.
It freezes up my IE and I have one heck of a time accessing my browser. When
I go into windows explorer to delete the file it's not there but each time I
go to access my IE it is back again.
Someone please help me. I am a full time student and I have 2 on line
classes that I can't access right now.
Thank you so much,
Crystal
This trojan is called
Win32.Benuti.K!downloader
This is where the virus is loacated
C:\WINDOWS\system32\drivers\
This is the file name That is located on my C drive.
bqjguhld.sys
My anti virus does not find this when it dose a scan. It only finds it in
real time when I click on Internet explorer to go on line. My anti virus
pops up a window giving me all the information and says it has deleted it.
It freezes up my IE and I have one heck of a time accessing my browser. When
I go into windows explorer to delete the file it's not there but each time I
go to access my IE it is back again.
Someone please help me. I am a full time student and I have 2 on line
classes that I can't access right now.
Thank you so much,
Crystal
More about : trojan win driver folder
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
There are anti virus News Groups specifically for this type of discussion.
microsoft.public.scripting.virus.discussion
microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
1) Download the following three items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt385.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point
* * * Please report your results ! * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
"Crystal" <Crystal@discussions.microsoft.com> wrote in message
news:CE67F2B0-5FD3-4468-96B6-C61AA3D8EA6E@microsoft.com...
| This trojan is called
| Win32.Benuti.K!downloader
|
| This is where the virus is loacated
| C:\WINDOWS\system32\drivers\
|
|
| This is the file name That is located on my C drive.
| bqjguhld.sys
|
| My anti virus does not find this when it dose a scan. It only finds it in
| real time when I click on Internet explorer to go on line. My anti virus
| pops up a window giving me all the information and says it has deleted it.
| It freezes up my IE and I have one heck of a time accessing my browser. When
| I go into windows explorer to delete the file it's not there but each time I
| go to access my IE it is back again.
|
| Someone please help me. I am a full time student and I have 2 on line
| classes that I can't access right now.
|
| Thank you so much,
| Crystal
|
There are anti virus News Groups specifically for this type of discussion.
microsoft.public.scripting.virus.discussion
microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus
1) Download the following three items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt385.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point
* * * Please report your results ! * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
"Crystal" <Crystal@discussions.microsoft.com> wrote in message
news:CE67F2B0-5FD3-4468-96B6-C61AA3D8EA6E@microsoft.com...
| This trojan is called
| Win32.Benuti.K!downloader
|
| This is where the virus is loacated
| C:\WINDOWS\system32\drivers\
|
|
| This is the file name That is located on my C drive.
| bqjguhld.sys
|
| My anti virus does not find this when it dose a scan. It only finds it in
| real time when I click on Internet explorer to go on line. My anti virus
| pops up a window giving me all the information and says it has deleted it.
| It freezes up my IE and I have one heck of a time accessing my browser. When
| I go into windows explorer to delete the file it's not there but each time I
| go to access my IE it is back again.
|
| Someone please help me. I am a full time student and I have 2 on line
| classes that I can't access right now.
|
| Thank you so much,
| Crystal
|
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
Sorry If I posted in the wrong place. This is the first time I have been to
the news groups. Thank you very much for your help. I will perform this
process ASAP.
Crystal
"David H. Lipman" wrote:
> There are anti virus News Groups specifically for this type of discussion.
>
> microsoft.public.scripting.virus.discussion
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
>
>
> 1) Download the following three items...
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download Sysclean.com and place it in that directory.
> Download the Trend Pattern File by obtaining the ZIP file.
> For example; lpt385.zip
>
> Extract the contents of the ZIP file and place the contents in the same directory as
> sysclean.com.
>
> 2) Update Adaware with the latest definitions.
> 3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
> 4) Reboot your PC into Safe Mode and shutdown as many applications as possible
> 5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
> 6) Restart your PC and perform a "final" Full Scan of your platform using both the
> Trend Sysclean utility and Adaware
> 7) Re-enable System Restore and re-apply any System Restore preferences,
> (e.g. HD space to use suggested 400 ~ 600MB),
> 8) Reboot your PC.
> 9) Create a new Restore point
>
>
> * * * Please report your results ! * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
>
>
>
>
>
> "Crystal" <Crystal@discussions.microsoft.com> wrote in message
> news:CE67F2B0-5FD3-4468-96B6-C61AA3D8EA6E@microsoft.com...
> | This trojan is called
> | Win32.Benuti.K!downloader
> |
> | This is where the virus is loacated
> | C:\WINDOWS\system32\drivers\
> |
> |
> | This is the file name That is located on my C drive.
> | bqjguhld.sys
> |
> | My anti virus does not find this when it dose a scan. It only finds it in
> | real time when I click on Internet explorer to go on line. My anti virus
> | pops up a window giving me all the information and says it has deleted it.
> | It freezes up my IE and I have one heck of a time accessing my browser. When
> | I go into windows explorer to delete the file it's not there but each time I
> | go to access my IE it is back again.
> |
> | Someone please help me. I am a full time student and I have 2 on line
> | classes that I can't access right now.
> |
> | Thank you so much,
> | Crystal
> |
>
>
>
Sorry If I posted in the wrong place. This is the first time I have been to
the news groups. Thank you very much for your help. I will perform this
process ASAP.
Crystal
"David H. Lipman" wrote:
> There are anti virus News Groups specifically for this type of discussion.
>
> microsoft.public.scripting.virus.discussion
> microsoft.public.security.virus
> alt.comp.virus
> alt.comp.anti-virus
>
>
> 1) Download the following three items...
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download Sysclean.com and place it in that directory.
> Download the Trend Pattern File by obtaining the ZIP file.
> For example; lpt385.zip
>
> Extract the contents of the ZIP file and place the contents in the same directory as
> sysclean.com.
>
> 2) Update Adaware with the latest definitions.
> 3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
> 4) Reboot your PC into Safe Mode and shutdown as many applications as possible
> 5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
> 6) Restart your PC and perform a "final" Full Scan of your platform using both the
> Trend Sysclean utility and Adaware
> 7) Re-enable System Restore and re-apply any System Restore preferences,
> (e.g. HD space to use suggested 400 ~ 600MB),
> 8) Reboot your PC.
> 9) Create a new Restore point
>
>
> * * * Please report your results ! * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
>
>
>
>
>
> "Crystal" <Crystal@discussions.microsoft.com> wrote in message
> news:CE67F2B0-5FD3-4468-96B6-C61AA3D8EA6E@microsoft.com...
> | This trojan is called
> | Win32.Benuti.K!downloader
> |
> | This is where the virus is loacated
> | C:\WINDOWS\system32\drivers\
> |
> |
> | This is the file name That is located on my C drive.
> | bqjguhld.sys
> |
> | My anti virus does not find this when it dose a scan. It only finds it in
> | real time when I click on Internet explorer to go on line. My anti virus
> | pops up a window giving me all the information and says it has deleted it.
> | It freezes up my IE and I have one heck of a time accessing my browser. When
> | I go into windows explorer to delete the file it's not there but each time I
> | go to access my IE it is back again.
> |
> | Someone please help me. I am a full time student and I have 2 on line
> | classes that I can't access right now.
> |
> | Thank you so much,
> | Crystal
> |
>
>
>
Related ressources:
- ForumTrojan -gen
- ForumGeneric Host Process for Win32 Services encountered a prob..
- ForumCompletely Removing Trojan (Win32.Cryptor)?
- ForumWorst virus I've ever seen...
- ForumPesky Trojan
- ForumUnstable CPU at random times.
- ForumA trojan or something , whse
- ForumTrojan startpage.16.m
- Forumcant remove trojan
- ForumWe Forgot about the Poor Apple Computer Company!
- Forumwindows xp startup issue
- ForumHelp!!! notepad and many others are gone suppossed Win32 v..
- ForumWin32.small.ca
- ForumCan't open Control panel or device mgr.
- ForumInformation needed on Repository Folder Contents
- ForumWhat's up with csrss.exe
- ForumHELP!!! Please with Windows XP
- ForumCan't Access, delete folder
- Forummy documents folder
- Forumregsvc.exe trojan
- More resources
Read discussions in other Windows XP categories
!
