thEse three letters, l,o,p, dont work on my keyboard all of a sudden! I had some trjans and ther stuff I found and cleaned up today by running the 11 steps frm the Viruses/Spyware/Malware, preliminary removal instructions You would not believe how hard it is to be missing letters an trying to type, I am Doing alot of copy and paste to send this message The F8 key and few more also do not work Do I HAVE A virus hERE IS HIJACK loG, and AVG syware log [/ATTACH]
I cant type letters l,o,p !!! they are missing! HElp!
- Thread starter morem
- Start date
- Status
T
tifc8lraz
From what I can tell the hijackthis looks clean, although I'm not an expert. Also, from what I can tell, you've been using a P2P client or a Torrent Client haven't you (i.e Limewire, Morpheus, Bittorrent etc)(look at your AVG Scan)? I would stay away from those if I were you. Also, when did you keyboard stop working, before or after you got rid of the trojans?
The keys went Before and as I was trying to search google and run scans when my mcafee shwed me message that trojan found and deleted C\doc & Settings\owner\locasettings infected by the ExPloit obscuredHtml, that haPPened twice, Pus there were a few things on other scans What can I do I found something on googP that mentioned the l,o,p virus but did not say anymore about it Help
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Delete all files in AVG Antispyware quarantine.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://F:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {DF304508-B304-11D3-B860-00201857EBF5} (Pixami Print Layout Control) - http://cal.americangreetings.com/pixami/AGControls.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O16 - DPF: {FA945BB6-9D37-43FC-9B2A-AF09F56CBBF0} (moDiagCollectionActiveX Object) - http://www.musicmatch.com/form/support/tech/diagnostics/cabs/DiagCollectionContr ol.cab
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Click on the fix checked button.
Close HJT and reboot your computer.
Locate and delete the following bold files and/or directories(if there).
C:\windows\ALCXMNTR.EXE
Other than the above, your HJT log is clean.
Let`s check for any rootkits.
Download the AVG Antirootkit programme. Disconnect from the net and install the programme, then restart your computer.
Run the programme and click the click "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path"
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree for the terms and conditions that is displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.
Download and run the Blacklight programme. Follow all the instructions carefully.
Also, run the Nolop programme as per these instructions.
Please Download NoLop to your desktop from one of the links below...
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/...pmod;dl=item16
First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it
Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop.
If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HJT log
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx
Let me know the results please.
Regards Howard :wave: :wave:
This thread is for the use of morem only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Delete all files in AVG Antispyware quarantine.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://F:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {DF304508-B304-11D3-B860-00201857EBF5} (Pixami Print Layout Control) - http://cal.americangreetings.com/pixami/AGControls.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O16 - DPF: {FA945BB6-9D37-43FC-9B2A-AF09F56CBBF0} (moDiagCollectionActiveX Object) - http://www.musicmatch.com/form/support/tech/diagnostics/cabs/DiagCollectionContr ol.cab
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Click on the fix checked button.
Close HJT and reboot your computer.
Locate and delete the following bold files and/or directories(if there).
C:\windows\ALCXMNTR.EXE
Other than the above, your HJT log is clean.
Let`s check for any rootkits.
Download the AVG Antirootkit programme. Disconnect from the net and install the programme, then restart your computer.
Run the programme and click the click "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path"
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree for the terms and conditions that is displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.
Download and run the Blacklight programme. Follow all the instructions carefully.
Also, run the Nolop programme as per these instructions.
Please Download NoLop to your desktop from one of the links below...
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/...pmod;dl=item16
First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it
Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop.
If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HJT log
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.-- http://www.boletrice.com/downloads/mscomctl.ocx
Let me know the results please.
Regards Howard :wave: :wave:
This thread is for the use of morem only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
T
tifc8lraz
Good Call Howard :giddy:, I'm only an amatuer at hijackthis logs 
...more hardware for me
...more hardware for me 
keys
I did all that you suggested, I had to uninsta and reinsta my mcafee virusscan due to a prblem unrelated i think first, but then I follwed your list and all scans came back clean, I also went to manufacturers website and tried to update driver for keyboard, that did not do anything I am now getting an error abut my system cnfig when i restart comp that access was denied for a change in a service and that i shoud sign on as an administratr, but I aready am! and i dnt knw what service they mean It doesnt seem to be affecting anything though, comp starts up and runs fine except for that error and these darn missing keys I guess I wil get a new keybard and try that, is there any other suggestins or insight
Here is a new hjt og Thanks
I did all that you suggested, I had to uninsta and reinsta my mcafee virusscan due to a prblem unrelated i think first, but then I follwed your list and all scans came back clean, I also went to manufacturers website and tried to update driver for keyboard, that did not do anything I am now getting an error abut my system cnfig when i restart comp that access was denied for a change in a service and that i shoud sign on as an administratr, but I aready am! and i dnt knw what service they mean It doesnt seem to be affecting anything though, comp starts up and runs fine except for that error and these darn missing keys I guess I wil get a new keybard and try that, is there any other suggestins or insight
Here is a new hjt og Thanks
howard_hopkinso
Posts: 21,238 +17
As tomrca says, your HJT log is clean. I assume the results of the rest of the scanners also came back clean, in which case it probably is a keyboard problem.
Regards Howard
Regards Howard
- Status
Latest posts
-
Asus releases firmware update to address game crashes on Intel CPUs- MSIGamer replied
-
Get a Microsoft Office lifetime license for $29, no subscription required- TS Dealmaster replied
