Trojan Loader

Status
Not open for further replies.

cberg

I have tried everything and every time I log into Internet Explorer I am redirected to the about:blank page, which tells me a virus has been detected (Trojan.DLoader/LX). I followed all of the instructions for viruses/spyware/malware, preliminary removal instructions and nothing has changed.

PLEASE HELP!
 
Please post a HijackThis log and an AVG Antispyware log as attachments into this thread so that they can be analyzed.
Cheers
 
Hello and welcome to Techspot.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you want to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.


Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


Regards Howard :wave: :wave:


This thread is for the use of cberg only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Your AVG log says nothing detected. According to HJT, however, MyWay Search is installed on your computer, which is considered (by some, at least) spyware.

To remove this:

Go into Add or Remove Programs in the Control Panel and remove anything having to do with MyWay Search.

Have HJT scan and save a logfile. Have it fix the following entries:
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll


Go into Task Manager and end the process for the following (if there):
desrcas.dll

Now, finally, go into C:\Program Files and delete the following folder (if there):
MyWaySA

Now after you're all done with your fixing, run HJT again and post a fresh logfile. Also a fresh AVG log would be helpful.

Cheers

And if you're looking for a replacement for MyWay Search, there's always Google Toolbar :)

This thread is for the use of cberg only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
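Added example, not part of any post in this thread: a small Python check that a fresh HijackThis log no longer contains the entries that were marked for fixing, matching on section code plus CLSID and on a folder name. It also works for other CLSID-bearing lines such as O16 entries; the function names and `DIRTY_LOG` are constructed for illustration, and only the two `FIX_LIST` lines come from the post above.

```python
import re

# An entry line looks like "O2 - BHO: (no name) - {CLSID} - C:\path\file.dll".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2})\s+-\s+(?P<rest>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def parse_entries(log_text):
    """Return one dict per entry line; headers and process lists are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        rest = m.group("rest")
        clsid = CLSID_RE.search(rest)
        entries.append({
            "code": m.group("code"),
            "clsid": clsid.group(0).upper() if clsid else None,
            "target": rest.rsplit(" - ", 1)[-1].strip(),
            "raw": line.strip(),
        })
    return entries

def remaining(fix_list, fresh_log, path_markers=()):
    """Fresh-log entries that match a fixed (code, CLSID) pair or a path marker."""
    fixed = {(e["code"], e["clsid"]) for e in parse_entries(fix_list) if e["clsid"]}
    hits = []
    for e in parse_entries(fresh_log):
        by_id = (e["code"], e["clsid"]) in fixed
        by_path = any(p.lower() in e["target"].lower() for p in path_markers)
        if by_id or by_path:
            hits.append(e["raw"])
    return hits

# The two entries the post asks HJT to fix, copied from the thread.
FIX_LIST = r"""
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
"""
# Constructed fresh log: a surviving fixed entry, then two made-up lines.
DIRTY_LOG = r"""
O2 - BHO: (no name) - {4d25f921-b9fe-4682-bf72-8ab8210d6d75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\Example\benign.dll
O4 - HKLM\..\Run: [Example] C:\Program Files\MyWaySA\example.exe
"""

if __name__ == "__main__":
    for line in remaining(FIX_LIST, DIRTY_LOG, path_markers=("MyWaySA",)):
        print("still present:", line)
```

An empty result from `remaining()` means none of the fixed entries, and nothing under the named folder, shows up in the fresh log.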
 
more...

I attached the new logs...and you are all right I do need help! It's all a secret language and I am doing my best to learn!
 
According to your AVG log, it did detect one thing. Get Windows Explorer to show all files and folders, including hidden and system (see how here). Then go into C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1\ and delete A0000114.exe.

Now have HJT fix the following entries:
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://www.imgag.com/cp/install/Crusher.cab


Now, after this is all done, post fresh logs. Sorry to make this drag out so long, but we gotta be sure... :)

Cheers

 
Sorry for the delay in getting back to you.

Your last HJT log is clean.

kitty500cat said:
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1\ and delete A0000114.exe.


cberg: You cannot manually delete a file from a restore point. The only way to get rid of the nasty in your restore point is to do the following.

Turn off system restore (XP/ME only). See how HERE.

Doing the above will delete all your restore points and anything nasty that's in them.

Then, turn system restore back on. That will create a brand new clean restore point.

Regards Howard :)

 
soooo slow...

Okay, I have done everything that has been suggested. I am coming up with clean logs, and I have defragged and I have done disc cleanups, and my computer is running so slow. Do I need to take it in...is this all too much for me to fix?

Thanks, Colleen
 
Ok, post a fresh HJT log and I'll see if there's anything I can do to speed up your system.

Regards Howard :)

 
howard_hopkinso said:
You cannot manually delete a file from a restore point. The only way to get rid of the nasty in your restore point is to do the following.
Whoops, I didn't realize that that was a restore point. Go ahead from here, howard, I've taken it about as far as I can.
 
No problem, that was the only mistake you made, it's no big deal and no damage done. ;)

Regards Howard :)

 
Ok, the first thing you can do to speed up your system, is to get rid of that resource hogging McAfee.

Use one of the free Antivirus and firewall programmes from within this LINK.

Once you've done that, go to add remove programmes and remove any programmes you don't use.

Then, click start/run and type msconfig into the run box and press the enter key. When the window appears, click the startup tab and uncheck (disable) anything you don't want to start with Windows. Click apply/ok and restart your computer. When you see the msconfig window, tick the box that says not to run msconfig the next time you start your computer.

Once you've done that, run the CCleaner programme as per the instructions in this thread HERE. Then, run a disk defrag.

Let me know how your system is running.

Regards Howard :)

 