TechSpot

Trojan Loader

By cberg
Dec 27, 2006
  1. I have tried everything and everytime I log into internet explorer I am redirected to about:blank page, which tells me a virus has been detected (Trojan.DLoader/LX. I followed all of the instructions for viruses/spyware/malware, preliminary removal instructions and nothing has changed.

    PLEASE HELP!
     
  2. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Please post a HijackThis log and an AVG Antispyware log as attachments into this thread so that they can be analyzed.
    Cheers
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you want to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.


    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


    Regards Howard :wave: :wave:


    This thread is for the use of cberg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. cberg

    cberg TS Rookie Topic Starter

    Logs

    Thanks you for the help! I am clueless about this stuff!
     
  5. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Your AVG log says nothing detected. According to HJT, however, MyWay Search is installed on your computer, which is considered (by some, at least) spyware.

    To remove this:

    Go into Add or Remove Programs in the Control Panel and remove anything having to do with MyWay Search.

    Have HJT scan and save a logfile. Have it fix the following entries:
    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll


    Go into Task Manager and end the process for the following (if there):
    desrcas.dll

    Now, finally, go into C:\Program Files and delete the following folder (if there):
    MyWaySA

    Now after you're all done with your fixing, run HJT again and post a fresh logfile. Also a fresh AVG log would be helpful.

    Cheers

    And if you're looking for a replacement for MyWay Search, there's always Google Toolbar :)

    This thread is for the use of cberg only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
     
  6. cberg

    cberg TS Rookie Topic Starter

    more...

    I attached the new logs...and you are all right I do need help! Its all a secret language and I am doing my best to learn!
     
  7. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    According to your AVG log, it did detect one thing. Get Windows Explorer to show all files and folders, including hidden and system (see how here). Then go into C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1\ and delete A0000114.exe.

    Now have HJT fix the following entries:
    O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://www.imgag.com/cp/install/Crusher.cab


    Now, after this is all done, post fresh logs. Sorry to make this drag out so long, but we gotta be sure... :)

    Cheers

    This thread is for the use of cberg only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
     
  8. cberg

    cberg TS Rookie Topic Starter

    New Log

    I am posting a new hijack this log. I appreciate the help!
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Sorry for the delay in getting back to you.

    Your last HJT log is clean.


    cberg: You cannot manually delete a file from a restore point. The only way to get rid of the nasty in your restore point is to do the following.

    Turn off system restore.(XP/ME only) See how HERE.

    Doing the above will delete all your restore points and anything nasty that`s in them.

    Then, turn system restore back on. That will create a brand new clean restore point.

    Regards Howard :)

    This thread is for the use of cberg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. cberg

    cberg TS Rookie Topic Starter

    soooo slow...

    Okay I have done everything that has been suggested I am coming up with clean logs and I have defraged and I have done disc cleanups and my computer is running so slow. Do I need to take it in...is this all too much for me to fix?

    Thanks, Colleen
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, post a fresh HJT log and I`ll see if there`s anything I can do to speed up your system.

    Regards Howard :)

    This thread is for the use of cberg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  12. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Whoops, I didn't realize that that was a restore point. Go ahead from here, howard, I've taken it about as far as I can.
     
  13. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    No problem, that was the only mistake you made, it`s no big deal and no damage done. ;)

    Regards Howard :)

    This thread is for the use of cberg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  14. cberg

    cberg TS Rookie Topic Starter

    Thanks

    Thanks for all the help!
     
  15. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, the first thing you can do to speed up your system, is to get rid of that resource hogging McAfee.

    Use one of the free Antivirus and firewall programmes from within this LINK.

    Once you`ve done that, go to add remove programmes and remove any programmes you don`t use.

    Then, click start/run and type msconfig into the run box and press the enter key. When the window appears, click the startup tab and uncheck(disable) anything you don`t want to start with Windows. Click apply/ok and retart your computer. When you see the msconfig window, tick the box that says not to run msconfig the next time you start your computer.

    Once your`ve done that, run the CCleaner programme as per the instructions in this thread HERE. Then, run a disk defrag.

    Let me know how your system is running.

    Regards Howard :)

    This thread is for the use of cberg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...