Lop.AH trojan horse

Status
Not open for further replies.
I can find no info for any of those .exe files. That makes me suspicious.

Check in Task Manager and see if any of those files are running. If they are, end the process for them.

See if you can back up the files in an archive, then delete them and see how your system runs. If you start getting errors etc., you can always restore them from the backup you made.

Regards Howard :)

This thread is for the use of mandinga only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I have received information from a guy called Cretemonster. He says that you are infected with a rootkit.

Download the following programme from http://www.prevx.com/gromozon.asp...

Run Prevx tool.

It may not run at all, and if it does run, it may tell the user that the infection is not present on the machine.

At this point the user must choose to continue with the scan.

Prevx tool will reboot the machine and run its cleaning process.

Please attach the log in C:\grozmon_removal.log

Thanks to Cretemonster for the info.

Regards Howard :)

 
Right-click on the file and go to Properties. On the Compatibility tab, check the box 'Run this program in compatibility mode for' and choose Windows 95 in the drop-down box. Next, try ending the processes in the Task Manager. All of this should kill the program and stop the process from running, which I am guessing is the reason it's not letting you delete it, since it is in use.
 
This appears to be a rootkit infection. Hence the instructions.

You cannot simply delete a rootkit; I wish it were so simple.

There have been many advances in virus/trojan removal, but unfortunately rootkit removal is something that doesn't seem to have been addressed in the same way.

The sad fact of the matter is many rootkits can only be got rid of by a reformat.

I hope this isn't the case with this one.

Regards Howard :)

 
Rootkit

Hello Howard,

I had already deleted the .exe's in question using the kill box tool.

Obviously, after reading your recent post I ran the rootkit program. After a scan it did appear to fix the rootkit; I've attached the log.

After the reboot, as Prevx was working, AVG popped up with a warning for the original trojan, so I guess it was still there. This time it healed it.

Hopefully the system is free from bugs now that Prevx has run.

Thank you once again.

Dinga
 
That's great news.

Hopefully you're now good to go.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 
Fab

Fab,

Once again thank you very much Howard.
Hopefully I won't have to post in this thread again for a while.

Dinga
 