Another trojan horse.AQ

[simo145]

Hi there,

Seems alot of people have had problems with this nuisance. I'll follow the advice posted in this thread https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
and post the results here.

Hmm I've got an issue because some of the various programs (anti-spyware programs, firewalls) don't support Win ME. Is there another solution apart from those suggested in the other threads?

Thanks in advance.

 

[howard_hopkinso]

Hello and welcome to Techspot.

I see your problem.

Try and follow as many of the instructions as you can, leaving out the bits you can`t run.

Regards Howard :wave: :wave:

This thread is for the use of simo145 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[simo145]

I think the problem may have gone away now. AVG anit-virus no longer is picking up the trojan horse LOP.AQ virus ( can i assume its gone).

I tried doing as many steps as I could using the process you suggested Howard but that didn't seem to work. So I ended up resorting to manual deletion and D/L a trial version of Kapersky anti-virus which removed a few entries. And now theres no longer the pop-ups from AVG. What else should I do or can I assume its gone now ?

Thanks again Howard

 

[howard_hopkinso]

If the alerts have stopped, it`s safe to assume the infection is gone.

However, it`s still a good idea to post a fresh HJT log.

Regards Howard

This thread is for the use of simo145 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[simo145]

Hi Howard,

Here is my HJT logfile.
Hopefully theres no lingering pests still around.

And thanks for all your assistance, you do a fantastic job.

 

[howard_hopkinso]

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)

O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\SYSTEM\OPNLLJJ.DLL (file missing)

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/BTDownloadCtrl.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540002} (CInstall Class) - http://www.wildtangent.com/webdrivers/webinstall/shockwave/Install.cab

Click on the fix checked button.

Close HJT and reboot your system.

Other than the above your HJT log looks clean.

Regards Howard

This thread is for the use of simo145 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[simo145]

Did a HJT scan and got rid of those entries you suggested Howard, and they seem to be gone after a fresh scan.

Many thanks Howard.