Hey guys I need some help. I have a virus. It’s some kind of trojan. I think its ldh.exe. My avast detects it and wants to open it in sandbox, but that doesn’t do anything. When I try and open explorer a “XP Home Protection” program keeps popping up wanting me to purchase it. When I click no explorer shuts down…Any advise for the removal of this ?? Thanks
if avast wants to run a file in the sandbox, it means it is suspicious…not malware…yet…
Malwarebytes Anti-Malware 1.50.1 http://filehippo.com/download_malwarebytes_anti_malware/
always update so you have latest database before you scan
click on the remove selected button to quarantine anything found
remeber this is just a google search on the name so it does not have to be the same file bc it has the same name
PREVX file info - LDH.EXE
http://www.prevx.com/filenames/2135573516327921085-X1/LDH.EXE.html
Superantispyware - LDH.EXE
http://www.superantispyware.com/malwarefiles/LDH.EXE.html
upload suspicious file(s) to www.virustotal.com and test with 43 malware scanners
when you have the result, copy the URL in the address bar and post it here for us to see
When I try and open explorer a "XP Home Protection" program keeps popping up wanting me to purchase it.but this sounds like you are infected with a rogue
Remove XP Anti-Spyware 2011, Vista Security 2011, and Win 7 Internet Security 2011 (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011
I can’t seem to get the Malwarebytes Anti-Malware 1.50.1 software to run…
see the guide i have posted above and read it all
step 3-4-5 is important to get MBAM up and running
Why doesn’t a program like Avast find and clean the problem…?
No security program have 100% detection, it is just not possible with the amount of malware produced
Malware baddies crank up Trojan production
http://www.theregister.co.uk/2011/04/06/malware_trends/
did it work… have Malwarebytes removed it ?
If malwarebytes still fails to run
Download RogueKiller to your desktop
[*]Quit all running programs
[*]For Vista/Seven, right click → run as administrator, for XP simply run RogueKiller.exe
[*]When prompted, type 2 and validate
[]The RKreport.txt shall be generated next to the executable.
[]If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.
THEN
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Please download Malwarebytes’ Anti-Malware from Here.
Double Click mbam-setup.exe to install the application.
[*]Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
[*]If an update is found, it will download and install the latest version.
[*]Once the program has loaded, select “Perform Quick Scan”, then click Scan.
[*]The scan may take some time to finish,so please be patient.
[*]When the scan is complete, click OK, then Show Results to view the results.
[*]Make sure that everything is checked, and click Remove Selected.
[]When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
[]The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*]Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.