Resolved Trojan.Hiloti

[RomanV]

I have a computer that has the Trojan.Hiloti virus, but so far I have had no luck removing it with any scanners. My network Trend Micro scanner detects it as Cryp_Hiloti and gives me the specific .dll files that are infected. They are opusobuzit.dll and contrt.dll. I don't know if these are important .dll files for windows, so I haven't tried to remove them. This afternoon I will try to manually delete the virus registry and .dlls. Is there anything you all recommend? I would greatly appreciate your help.
Thanks.

-Roman

 

[Bobbye]

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, leave the logs for review in your next reply .

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

 

[RomanV]

Trojan.Hiloti Solved

I found the trojan registry key in HKEY_Local Machine/Software/Microsoft/Windows/CurrentVersion/Run it was saved under Pdsev with run32.exe followed by opusobuzit.dll. I deleted the registry key and did a msconfig and stopped opusobuzit.dll from running at start-up. I then deleted the dll from the Windows directory. I have not had any trouble with it since then and have had no Trend Micro report saying the machine is infected.
All of this had to be done in safe mode. I tried it on Windows normally, and the dll and registry kept showing back up.
Hope this helps anyone with the same problem.

 

[Bobbye]

Malware cleaning solutions aren't interchangeable. And you were specifically asked not to make any Registry changes. You may have solved your own problem, but it is not recommended for anyone to follow what you did without instruction and guidance.