TechSpot

feels like something wrong with my computer

By ideamless
Apr 16, 2007
Topic Status:
Not open for further replies.
  1. well my computer has been going slower and sometimes when i turn it on, my desktop icons and my taskbar is missing. I think a my computer may be infected with a backdoor. Please check this log and help me destroy it.
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Hello and welcome to Techspot.

    Your system is indeed infected with malware.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Download LSPFix from http://cexx.org/lspfix.htm
    1. Disconnect from the Internet, go to the LSPfix file and extract/unzip LSP-Fix into its own folder [C:\lspfix].
    2. Open the lspfix folder and double-click on LSPFix.exe to start the program.
    3. Check the "I know what I am doing" checkbox.
    4. Select (highlight) all instances of 'otocbpr.dll' in the left column under "Keep".
    5. Click the arrow >> so it goes over to the right column under "Remove".
    6. Click "Finish" and LSPfix will remove references to the file and restore the chain numbers.
    7. Restart your computer

    1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

    2. Download the attached avengerscript.txt and save it to your desktop

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

    3. Now, start The Avenger program by double clicking on its icon on your desktop.

    Under "Script file to execute" choose "Load script from file".
    Now click on the folder icon which will open a new window titled "open Script File"
    navigate to the file you have just downloaded, click on it and press open
    Now click on the Green Light to begin execution of the script
    Answer "Yes" twice when prompted.

    4. The Avenger will automatically do the following:

    It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
    On reboot, it will briefly open a black command window on your desktop, this is normal.
    After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
    The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

    Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above. Also attach the c:\avenger.txt into your reply.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of ideamless only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. ideamless

    ideamless TS Rookie Topic Starter

    well... umm i followed your instructions and i think it took care of all the viruses and spyware but i think one of the programs may have deleted my local area connections and now i cant get back on the web. I'm using one of my friends computer right now and was wondering if i could get my local area connection files back to get back on the web.

    P.S. I can't post the fresh HJT, AVG antispyware, and combo fix logs yet until i can get my computer back on the web.
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    None of the programmes in the instructions would have deleted your local area connection.

    At what point in the instructions did your connection disappear?

    Regards Howard :)

    This thread is for the use of ideamless only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  5. ideamless

    ideamless TS Rookie Topic Starter

    I think my connection may have dissappeared around step 12-13
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Ok, try doing a system restore and see if that helps. Then post the requested logfiles.

    Regards Howard :)

    This thread is for the use of ideamless only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  7. ideamless

    ideamless TS Rookie Topic Starter

    all my restore points seem to have been deleted


    *Edit* i was able to get my log files from my computer on to this one, hope it helps.
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Your system is absolutely riddled with all kinds of malware. I recommend you backup your important data and reformat your system.

    Even if we managed to clean it, I think there`d be that much damage done to your OS that it`d never work properly.

    If you insist on trying to clean your system, I will try to do so. However, you need to be aware that I cannot guarantee your system will function properly afterwards.

    Let me know how you wish to proceed.

    Regards Howard :)

    This thread is for the use of ideamless only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  9. ideamless

    ideamless TS Rookie Topic Starter

    i think i will probably reformat my computer. Thanks for your help.
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    No problem mate. I think you`ve chosen the correct course of action.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of ideamless only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.