Trojan horse BackDoor under Vista

[howard_hopkinso]

The ntswrl32.dll file is a backdoor trojan and as such will steal your personal info. Unfortunately, because you`re running Vista, the removal tools aren`t compatible and therefore, I have no idea how to remove the infection.

The only thing I can think of that may work, is uninstalling AVG and using the Avast antivirus programme instead. Maybe that`ll be more successful at removing the trojan. Other than that, I`m out of ideas I`m afraid.

If that doesn`t work, I think it`s probably time you considered backing up your important data and reformatting the system.

Regards Howard

This thread is for the use of LA_RuffRainer only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[LA_RuffRainer]

thanks howard for your help. i tried avast, and it's the same... avast removes the virus but at the next system start the virus is back. and avast found a new one: idapi32.exe
so you really dont know any other methodes to remove this virus?

and another question. i case i reformate my system. with which programs should i protect my "new" system. should i use the windows firewall or other firewall? please list down which programs to use for best system protection. thanks howard

 

[howard_hopkinso]

It seems the idapi32.exe file has been infected with the same backdoor trojan as the other files. Given the nature of the trojan and the fact you`re running Vista, I believe a format is the best way to proceed.

As for firewall software, as far as I`m aware, there is very little that`s currently available for vista. Given time, I`m sure there will be lots of antivirus/antispyware software available for Vista.

Vista was supposed to be so much more secure than previous versions of Windows, but given some of the infections I`ve found in Vista as of late, that doesn`t seem to be the case.

I don`t think whatever antivirus you used, would actually get rid of the trojan. Normally, an antispyware programme would be required. Again, I don`t know which programmes are compatible with Vista.

Regards Howard

 

[LA_RuffRainer]

ok howard, i thin there is no other way then formating the system. do you think i should do it immediatley oris there some time left... at the moment i'm very bussy at work.

 

[howard_hopkinso]

Only you can decide if you should delay or not. Just be aware that the backdoor trojan may well have access to your sensitive information.

Regards Howard

This thread is for the use of LA_RuffRainer only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.