Removing a Trojan


Oron
02-01-2009, 09:24 PM
Just started having problems with my laptop today. It's a school-loaned laptop, so it has two partitions - Home (C: Drive) and School (D: Drive). Now, I began to have problems with my Home Account, or C: Drive during the afternoon today. Mostly, whenever I log on or try to open my internet browser (I use IE), about 25+ more browsers will open. Constantly. Not only that, my computer slows down, I can't access the options menu that appears when I right click on anything, and after a few minutes I can't even open up new windows (for anything at all, even my task manager). So, I got on my School Account and scanned my C: Drive from there. It found a Trojan called cagepieax.dll, and it left the virus alone. My question is this: is there a simple way to remove this Trojan from my laptop? Keep in mind that it's school-loaned, and my C: Drive has the Administrator account. I don't even have the authorization to edit some files from my C: Drive, so I highly doubt that I could install a new anti-virus program to remove it from my D: Drive for me.

Other Details - OS: Windows XP Pro, Laptop: IBM T43p, Anti-Virus Software: Symantec

Not sure if any of that's very relevant, but it might be helpful to know.
Seriously, though. I don't have much in the way of authorization. I can't even defrag my computer.

Sorry if this sort of problem has been discussed before, but I think my situation might be a little unique.

Nikose Tyris
02-01-2009, 09:30 PM
I cannot find any reference of the DLL you listed. Are you certain that this is the troublemaker?

Oron
02-01-2009, 09:34 PM
For the most part, yes. Never seen it before, and it's the only file my scanner picked out. I figured if I found anything on it by searching the internet, it might be something else, but the closest thing I got was cagex.dll.

Just to verify, I dug through the same file location on my other computer that has the same OP. Didn't see it.

Preturbed
02-01-2009, 10:12 PM
Grasp firmly at the base and...

Ok, wait, you'd probably rather take it to a school tech guy, since it belongs to the school. That's probably the best way since you can't access some of the files on the comp.

Oron
02-01-2009, 10:15 PM
Actually, that's the last thing I want to do. The only thing those guys understand is how to reimage a laptop. I'd prefer to not have to reinstall everything I have onto my laptop, and it'd be very difficult to back up some of my recent files.

However, if I can't fix the problem within a few days, I do intend to take it to them.

Nikose Tyris
02-01-2009, 10:31 PM
If your scanner picked it out, did your scanner not remove the file?

I'll assume it's due to it being a DLL File.

http://www.spywareremove.com/security/how-to-remove-dll-files/

There is a guide on how to remove DLL files.

Oron
02-01-2009, 10:34 PM
It said something along the lines of this:

Primary Action - Delete File.
Secondary Action - Quarantine File.
Result - No change to the file.

So it tried to, I guess.

Funny thing. Scanned again, but this time only the Windows\system32 file. Came up blank.

Question mark.

synkr0nized
02-02-2009, 12:46 AM
There's not a whole lot you can do to fully assault a virus or trojan without the admin account. I forget -- can regular accounts even get into Safe Mode and delete things as admin accounts can? If not, this thing will likely just laugh at you and wave each time you attempt to take care of it.

Rokrin
02-02-2009, 01:06 AM
> There's not a whole lot you can do to fully assault a virus or trojan without the admin account. I forget -- can regular accounts even get into Safe Mode and delete things as admin accounts can? If not, this thing will likely just laugh at you and wave each time you attempt to take care of it.

They should be able to.

synkr0nized
02-02-2009, 01:12 AM
If so, that'd help delete the file successfully. Right now it is probably hiding as a protected/system file and avoiding any attempts to be deleted.

There might also be a separate file for re-infection if it gets "cleaned," too.

bobfish
02-02-2009, 06:31 PM
> There might also be a separate file for re-infection if it gets "cleaned," too.

Which is easy enough to take care of. Since you can't delete them while they're running, you end one of them via Task Manager. When the other process restarts it, you end it again using the End Process Tree option. Then you can delete both of them.

Oron
02-02-2009, 07:50 PM
Found something else on my computer called GetModule36.exe. Apparently, it's a dangerous piece of malware and my first Google search brought up a removal utility for it.

Based on my small bit of computer understanding, I'm guessing GetModule36.exe is the program messing with my computer and cagepieax.dll is associating with it?

What do you think?


Well, I'm on my Home Account right now. Still getting pop-ups, but I'll fix that later. No freezing when I try to open new windows. The files didn't show back up.
Guess I got rid of them.

Thanks for the help.

fryplink
02-05-2009, 09:16 PM
Odds are you have an undetected dropper/installer on your compy; otherwise you wouldn't be having a problem with different things appearing. I had a dropper once and eventually had to submit a HijackThis log to find the problem, then remove all the "stuff" it installed, which can be nasty in its own right. I use McAfee and SUPERantispyware (SUPERantispyware is incredibly good, and could probably solve this problem, assuming school compys allow you to install anti-virus software; it's also free, but I would definitely confirm all solutions with a second source before use).