[liam_hopkinson]

i had a trojan lop.a and a js/downloader ive followed the preliminary removal instructions and i just need someone to check my system

[Howard]

Hiya mate, please do the following.

Open notepad and copy/paste the text in the quote box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code:

Quote:

File::
C:\sqmdata14.sqm
C:\sqmnoopt14.sqm
C:\sqmdata13.sqm
C:\sqmnoopt13.sqm
C:\sqmdata12.sqm
C:\sqmnoopt12.sqm
C:\sqmdata11.sqm
C:\sqmnoopt11.sqm
C:\sqmdata10.sqm
C:\sqmnoopt10.sqm
C:\sqmdata09.sqm
C:\sqmnoopt09.sqm
C:\sqmdata08.sqm
C:\sqmnoopt08.sqm
C:\sqmdata07.sqm
C:\sqmnoopt07.sqm
C:\sqmdata06.sqm
C:\sqmnoopt06.sqm
C:\sqmdata05.sqm
C:\sqmnoopt05.sqm
C:\sqmdata04.sqm
C:\sqmnoopt04.sqm
C:\WINDOWS\system32\OnlineScannerLang.dll
C:\WINDOWS\Internet Logs\xDB5.tmp
C:\WINDOWS\Internet Logs\xDB4.tmp
C:\WINDOWS\Internet Logs\xDB3.tmp
C:\WINDOWS\Internet Logs\xDB2.tmp
C:\WINDOWS\Internet Logs\xDB1.tmp
C:\WINDOWS\system32\OnlineScannerUninstaller.exe
Folder::
C:\VundoFix Backups

Save this as CFScript.txt

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.



This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

Regards Dad

[liam_hopkinson]

here you go

[Howard]

Nearly there mate.

Open notepad and copy/paste the text in the quote box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code:

Quote:

File::
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\WS2Fix.exe

Save this as CFScript.txt

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.



This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.

Regards Dad

[liam_hopkinson]

heres the logs

**Liam**

[Howard]

All clean mate.

Unless you`re still having problems, you should be good to go.

Please make sure you are running the latest version of Java 6 update 5.

Go to your control panel and double click the Java applet. Once it opens, click the update tab, followed by the update now button.

Follow the instructions and once any new version of Java has been installed, go to add remove programmes and uninstall any previous versions of Java.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

You may want to have a read of this thread HERE.


If you have any further virus/spyware problems, please post in this thread.

Regards Dad