Results 1 to 10 of 10
  1. #1
    3 Star Lounger
    Join Date
    May 2001
    Location
    Mount Vernon, Washington, USA
    Posts
    305
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Angry

    My niece's laptop once again has a trojan. It comes up with security alerts...see attached. Have had rundll32.exe is infected and control.exe is infected. I cannot even connect to internet to download Avast, etc. it won't let me get to a site. What can I do? She has Norton on her laptop and it did not catch it. I ran it last night in Safe Mode and it quarantined a trojan, I also ran Malwarebytes but it did not find anything - [attachment=88973:0610100829.pdf][attachment=88974:0610100830.pdf][attachment=88975:0610100831.pdf] the popups keep happening.
    Current
    Trojan Found Bloodhound.pdf.18
    Filename: DWH3478.tmp

    In December: Trojan Found: Bloodhound
    Filename: C:\Doc\Settings\Name\Local Settings\Temp
    Attached Files Attached Files
    lynndelap

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Are the PDFs screen shots of what's happening on the PC, or documents that caused a problem? Obviously we don't want the latter on the forum. Thanks.

  3. #3
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    296
    Thanks
    9
    Thanked 4 Times in 4 Posts
    Those are just screen shots.
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

  4. #4
    3 Star Lounger
    Join Date
    May 2001
    Location
    Mount Vernon, Washington, USA
    Posts
    305
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Just screen shots of what is happening on the system.
    lynndelap

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Definitely looks like a "Fake AV" infection.

    [attachment=88979:FakeAV-Warnings.jpg]

    Can you download some clean-up tools onto a USB flash drive or CD using another computer?
    Attached Images Attached Images

  6. #6
    5 Star Lounger RussB's Avatar
    Join Date
    Dec 2009
    Location
    Grand Rapids, Michigan
    Posts
    803
    Thanks
    10
    Thanked 50 Times in 49 Posts
    It looks like the same one that I just removed from a friend of my daughter's laptop. I downloaded Malwarebytes', free edition. Booted the infected computer in Safe Mode, installed Malwarebytes' and ran a scan. This fixed the problem in less than an hour.
    HTH
    Do you "Believe"? Do you vote? Please Read:
    LEARN something today so you can TEACH something tomorrow.
    DETAIL in your question promotes DETAIL in my answer.
    Dominus Vobiscum <))>(

  7. #7
    3 Star Lounger
    Join Date
    May 2001
    Location
    Mount Vernon, Washington, USA
    Posts
    305
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Already did the Malwarebytes.
    lynndelap

  8. #8
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    How to Remove Win32/Nuqel.E Manually

    Run Malwarebytes and or Super antispyware in safemode, or remove manually.

    win32/Nuqel.E+manual removal
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  9. #9
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts
    Hi Lynn :

    Your last screen shot reports the infection as "Nuqel.E", which has been
    found in the "Spyware Protect" and "Antivirus System Pro" "Rogues" .
    Experienced, trained, certified, Volunteer "Malware Removal
    Specialist(s)" would develop an Action Plan based on what some
    "Investigation" FREE, little-known programs show from the "Logs"
    produced from those programs and the One(s) on the Geeks To Go
    Advanced Removal Forums ( http://www.geekstogo.com/forum/forums.html )
    start with the FREE "OTL" and possibly "GMER Rootkit Scanner" .
    An Example of a Volunteer Expert dealing with Nuqel.E is found at
    http://www.geekstogo.com/forum/Win-3...P-t277320.html .

    I found the 411-spyware Site to be unreliable, since it appears to be a
    Promotional Site for Spyware Doctor ( a while back it was a Promo
    Site for another little-known antispyware program, possibly Spyware
    Terminator ) .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  10. #10
    Lounger
    Join Date
    Jun 2010
    Location
    A Texas State of Mind
    Posts
    44
    Thanks
    0
    Thanked 0 Times in 0 Posts
    These are often difficult or impossible to do with out help, you can get help at one of the excellent malware removal support forums. They will guide you through a clean up specific for your infection. You can find many listed here on the ASAP website.
    http://asap.maddoktor2.com/

    Bleeping computer has some excellent guides on how to remove some of these rogue infections also
    http://www.bleepingcomputer.com/forums/
    registered Linux user:476595

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •