View Single Post
  #2  
Old January 14th, 2007, 10:42 PM
Morfeasss Morfeasss is offline
CTH Subscriber
 
Join Date: Feb 2006
O/S: Windows XP Home
Location: Greece
Posts: 5,140
Hello laptopaddict,

There is infection showing and also signs of Lop infection which usually accompanies Messenger Plus! Did you install this program?

Go Here and download ATF cleaner. Click on the downloaded file to run it, and select "Select All", then click Empty Selected (and close ATF).

If you have them, also click on Firefox/Opera at the top and repeat the steps (and close ATF). Firefox/Opera will need to be closed first for the cleaning to be effective.
-------------------------------------------

Download the trial version of AVG Anti-Spyware from here and install it.

I see you have an exisiting copy of Ewido (which this software replaces), agree to the uninstall notification and uninstall Ewido. Reboot after. Then click the AVG download file again to install the software. (If you have a paid version of Ewido installed, go here to follow the steps to upgrade that now.)

After installation, double-click the icon on your Desktop to launch AVG.

On the top of the main screen click Shield. Then click the word Active to change it to Inactive.

You will need to also update AVG to the latest definition files. On the top of the main screen click Update. Then click on Start Update. The update will start and a progress bar will show the updates being installed.

Now close AVG (don't scan just yet).

~~~~~~~~~~~~~~

Go to Start> Control Panel> Add or Remove Programs and uninstall the following if there.

Window Search

You will be given a security code to insert, do so and reboot when done.

If the entry is not there, run the below uninstallers (If your AV queries the download, allow it. It's not malicious).


http://lop.com/new_uninstall.exe
http://lop.com/toolbar_uninstall.exe
~~~~~~~~~~~~~

Reboot into Safe Mode. At startup start tapping the F8 key and select Safe Mode (see here).

Make sure all windows are closed and run AVG. Click Scanner, then click on the Scan tab. Click Complete System Scan to begin scanning. When the scan is complete click Recommended Action and change it to Quarantine. Then click Apply all actions.

Once the scan has finished, click the Save report button, then click Save Report As. This will create a text file. Make sure you know where to find this file again.


Then reboot back to Normal Mode.
~~~~~~~~~~~~~~

I would also like to see another kind of scan, go here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here.

Run HijackThis and post back the new log along with the Silent Runners log and the AVG report please.
Reply With Quote