Lop . com tool bars.

Discussion in 'Malware Help (A Specialist Will Reply)' started by Chirtie, Mar 28, 2005.

  1. Chirtie

    Chirtie Private E-2

    OK I've doen everythign I know possible to get rid of these. I've taken my CPU in to the shop twice,run Spybot, and HiJack this. Spybot is up to date and I have installed the patch, and it is finding nothing. I don't know if Hijack this is finding anything but A total of 4 things come up and a couple of them are MSN related. I can be online for up to about 20 minutes and then the search bars appear again. I restart my computer and I can go online for another 20 minutes or so. So, any ideas for me?
     
    Chirtie, Mar 28, 2005
    #1
  2. Chirtie

    Chirtie Private E-2

    I've started using Firefox now too. The search bars haven't shown up yet with that.
     
    Chirtie, Mar 28, 2005
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow the steps below. And if you have Messenger Plus! 3 installed, uninstall it (note: I did not say MSN Messenger or Messenger. They are from Microsoft whereas the on I mentioned is not.)

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above you still have a problem:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
    chaslang, Mar 28, 2005
    #3
  4. Chirtie

    Chirtie Private E-2

    OK I spent most of my morning trying to follow all the instructions. Some of the stuf I had already done but I tried it over again.
    These were my problems:

    My computer froze while I was downloading AdAware SE.

    I couldn't access the net in safe mode with either IE or Firefox so I couldn't to the online virus scans. I had to do them in normal mode.

    Symantec would only scan my computer security wise (which was fine) but I couldn't scan for viruses. It said my browser was incompatible or the page for virus scanning was no longer available. (I tried both IE and Firefox.)

    Spybot found no problems in Safe or normal modes.

    Trend Micro found two Trojans:
    TROJ_SWIZZOR.BT (1) C:_RESTORE\TEMP\A0104796.CPY
    TROJ_COLLECTOR.A (1) C:RESTORE\TEMP\A0105782.CPY
    Trend Micro's cleaning would not work in normal mode and I couldn't do it in safe mode as I can't get online in safe mode for soem reason.

    Here is my Hijack this log since I don't think my problem is solved as of yet.
     

    Attached Files:

    Chirtie, Mar 28, 2005
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The first step in the READ ME FIRST is to disable system restore. If you found the above files, that means system restore has not been disabled.
     
    chaslang, Mar 28, 2005
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You log is clean (but remember - no browsers should be running when using HJT).

    Have you been fixing items on your own? Your log seems rather empty.

    Please list any problems you are having by name and what the associated files are too.
     
    chaslang, Mar 28, 2005
    #6
  7. Chirtie

    Chirtie Private E-2


    I thought I had. Hmm. Maybe it reset one of the times I had to restart?
     
    Chirtie, Mar 28, 2005
    #7
  8. Chirtie

    Chirtie Private E-2

    I don't think I had a browser open when I used HJT.

    I am terrified to mess with my logs, so I don't touch them. Lop had added a registry key and a friend (with training) deleted it. We gave all the info to the person at the shop I took it in to and he said that was fine.

    The search/tool bars haven't shown up in Firefox. I haven't been on IE long enough since I ran through teh support thread. If they show up again, I'll let you know. Thanks for all your help. :)
     
    Chirtie, Mar 28, 2005
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome! By the way system restore does not turn back on by itself after a reset. It must be enabled manually.
     
    chaslang, Mar 29, 2005
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds