Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Trojan Horse?

23 Jun 2013   #1

indows 7 home permium 64 bit
Trojan Horse?

Lately my HP 6620 is slow. Ran defrag, chkdsk, McAfee, Malwarebytes, Max Secure Spyware, System Mechanic (will not do a full analyze anymore). Ran Spybot Search & Destroy and it stops for quite awhile on Win32.bicololo. Googled this and it says it's a trojan. I can't find it anywhere in the computer with windows explorer or search. Has anyone ever had this and how do I get it out of here. None of the previously mentioned programs remove it.

My System SpecsSystem Spec
23 Jun 2013   #2

Windows 10 Pro x64

Why don`t you have Microsoft Security Essentials installed ?

Microsoft Security Essentials - Microsoft Windows

All those programs you have listed except MBAM do more harm then good. Especially MucAfee.

There are a lot of guides on how to remove it.
My System SpecsSystem Spec
24 Jun 2013   #3
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Let's flush the DNS cache and restore MS's Host Files:

Copy and paste these lines in Note pad.

@Echo on
attrib -h -s -r hosts
echo localhost>HOSTS
attrib +r +h +s hosts
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop.
Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.

Next, download DDS from one of these links:
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
My System SpecsSystem Spec

02 Jul 2013   #4

indows 7 home permium 64 bit

Copied & pasted, placed on desktop, ran as admin, it asks if I want to allow changes, I say yes, I get a quick flash on the screen then nothing happens. Everything is as it was before I ran it as admin. Did I miss something?
My System SpecsSystem Spec
02 Jul 2013   #5

win7 x64

hello dach, the PC should reboot, I just run the bat file a few moments ago.
Did you rename the file (flush.bat) and change the extension from .txt to .bat ?
My System SpecsSystem Spec
02 Jul 2013   #6

indows 7 home permium 64 bit

I evidently had something wrong. I deleted the batch file and re-downloaded. This time it worked. Both files are too long to post here. How do I zip it and attach it that way?
My System SpecsSystem Spec
02 Jul 2013   #7

indows 7 home permium 64 bit

I just figured out how to zip both files. Now how do I attach them? I just figured out how to do that too. Both files are zipped because of their size.

Attached Files
File Type: zip (4.1 KB, 1 views)
File Type: zip (6.9 KB, 1 views)
My System SpecsSystem Spec
03 Jul 2013   #8
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Download AdWareCleaner AdwCleaner Download
or from here Téléchargements - Outils de Xplode - AdwCleaner
to your desktop
1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2.Click on Delete button.
3.Confirm each time with OK.
4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Please uninstall Max Secure Spyware!! This program costs money to clean false infections it found
My System SpecsSystem Spec
03 Jul 2013   #9

indows 7 home permium 64 bit

I uninstalled Max Secure Spyware and I also have a MAJOR problem with it. I have been on line with them for over a week trying to straighten it out. And then I messed it up myself. I have a file called TempData that I absolutely cannot get rid of. It won't go out on an uninstall nor a delete. I tried moving it to the desktop (successful) but that wouldn't help so I was trying to put it back where it came from and when I was about to drop it, my mouse hit the end of the mouse pad and I dropped it into iTunes as another file. I still can't get rid of it. It lists over 2 million 1KB files and counts them when accessed. You're absolutely right when you say to dump it. I did but it won't fully go away.
Here's the file from AdwCleaner:

Attached Files
File Type: zip AdwCleaner[S1].zip (6.4 KB, 0 views)
My System SpecsSystem Spec
04 Jul 2013   #10

indows 7 home permium 64 bit

I finally figured out how to completely remove Max Secure Spyware TempData. I used the cmd prompt and typed in CD /D C:\PROGRAM FILES to get to where it was then DIR/X to see where it was, then DEL /Q /S (EXACTLY HOW THE FILE IS WRITTEN)(MY CASE WAS MAXSEC~1) It now took 3 hours to get rid of the 2 million 1KB files that were there but it DID get rid of it.
My System SpecsSystem Spec

 Trojan Horse?

Thread Tools

Similar help and support threads
Thread Forum
Trojan Horse and backdoor.poison
How can i remove this trojan Horse?. I am unable to remove it through avast and malwarebytes. Is there any idea to remove without harming the file system. Please help
System Security
Trojan Horse
Hello All Norton pick this up and can't Delete it.:mad: a0ee3d65141.Class ( Trojan Horse ) Need "Help" On how to get rid of this!:hot: Thanks for your help:geek:
System Security
Infected with Trojan horse giving known error
Typical, giving error of sshnas21.dll missing at the startup of my windows 7 ultimate. I use MSE as anivirus, which caught it and declaired it has been removed. But, after reboot, its clear that its not gone, giving error of sshnas21.dll missing. Currently I am scanning with MRT (Aug 2010)...
Performance & Maintenance
Trojan horse in svchost.exe... What?
Hey. I was checking virusses, but then I was something really strange. AVG antivirusscanner 8.5 gave a Trojan horse in 'svchost.exe'... But that's a Windows file, right?
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:47.
Twitter Facebook