Shoutbox

They exist: I've got a trojan... - Printable Version


They exist: I've got a trojan... by Rolando on 10-04-2007 at 09:25 PM

:(


AVG identifies it as Trojan Lop.D  .... and every time it deletes it it appears again after a while and warns me and asks me to delete it again.. It's always a different dll (different names), but it's always in WINDOWS's System 32 folder..

It turned System Restore off.........

I've tried Trend Micro, AVG, NOD32 .... and it takes long to scan and it does detect it I guess, but it comes back.

I don't know what to do.....................................


advice, please?


RE: They exist: I've got a trojan... by Oxy on 10-04-2007 at 09:59 PM

quote:
Originally posted by toddy
quote:
Originally posted by alex
quote:
Originally posted by Eljay
quote:
Originally posted by alex
Get a Mac.


* alex runs

buy me a Mac kao, you bitch. =[
One condition. Win the lottery and give the money to me. Then I'll buy you one.
time to play the lottery was last week !
Guys, in isn't T&T.

but, the only thing I can suggest is a Google search on the trojan name and any recently installed programs to see if anyone else has had a similar problem.

RE: They exist: I've got a trojan... by Menthix on 10-04-2007 at 10:01 PM

Did you install the Plus sponsor?


RE: They exist: I've got a trojan... by Rolando on 10-04-2007 at 10:21 PM

No, it has nothing to do with Plus!..


RE: They exist: I've got a trojan... by Jarrod on 10-04-2007 at 10:30 PM

use avast boot scan pwns trojans:p


RE: They exist: I've got a trojan... by spongeboy on 10-05-2007 at 02:53 AM

That's what happened to me once. I had to get my computer reformatted because the virus just wasn't going away.

[EDIT] Have you updated all of your virus scanners? As new viruses keep coming around you must update your Anti-Virus in order for them to remove them properly.


RE: They exist: I've got a trojan... by Jarrod on 10-05-2007 at 05:24 AM

you don't remove the whole virus with windows based virus scanners, because some of the virus is running and normally won't be shutdown (the ppl who write viruses know this:p) so you have to use something to remove the viruses before they get to execute any code, so download an av that supports boot time scanning or download a live os and use its interface to remove the virus, i recommend using an os with a virus scanner so you don't miss any files..

i remove viruses all the time for my stupid friends using the following method

download bartpe builder (www.nu2.nu/pebuilder/)
download the avast extension (http://www.avast.com/eng/avast_bart_cd.html)
make an iso
boot off your burnt iso
depending on when you made your iso update the virus defs. or not
scan and remove infected files
reboot into windows

[edit: missing word]


RE: They exist: I've got a trojan... by NiteMare on 10-05-2007 at 05:58 AM

you could try Stinger


RE: RE: They exist: I've got a trojan... by rav0 on 10-05-2007 at 06:02 AM

quote:
Originally posted by q25
No, it has nothing to do with Plus!..

It might. Lop is the Messenger Plus sponsor program.

About your antivirus, with system restore off, start Windows in safe mode, then run a scan and attempt removal. You have a better chance at successfully removing it from safe mode.

RE: They exist: I've got a trojan... by Jarrod on 10-06-2007 at 03:05 PM

or remove the adware sponsor:p


RE: They exist: I've got a trojan... by Nathan on 10-06-2007 at 03:35 PM

All viruses are meant to do is infect your computer. It is their mission to mess up your pc e.g. delete, edit, rename files, mess up system settings etc.
The people who create them try to make it undeleteable so they will make it duplicate itself and place it all over your computer. So what happens is your AV will delete it, but there will be another one on your pc somewhere else. So it will carry on duplicating itself.
Hope this makes sense :P


RE: They exist: I've got a trojan... by Lourix on 10-06-2007 at 04:33 PM

It is important to note that a virus or Trojan cannot be spread without a human action (such as running an infected program) to keep it going.  People continue the spread of a computer virus, mostly unknowingly, by sharing infected files or sending e-mails with viruses as attachments in the e-mail.

Can you post the name of the virus and the infected files?


RE: They exist: I've got a trojan... by absorbation on 10-06-2007 at 04:55 PM

Lop isn't a trojan, it's adware. Most anti-virus software mislabel what kind of danger a file is.


RE: They exist: I've got a trojan... by Rolando on 10-06-2007 at 05:10 PM

You're all telling me stuff I already knew... I want to know how to get rid of it for once and for all..... not what it is, etc..


RE: They exist: I've got a trojan... by Jarrod on 10-06-2007 at 10:08 PM

quote:
Originally posted by xen0h
or remove the adware sponsor:p

use avast or bart PE
quote:
Originally posted by xen0h
you don't remove the whole virus with windows based virus scanners, because some of the virus is running and normally won't be shutdown (the ppl who write viruses know this:p) so you have to use something to remove the viruses before they get to execute any code, so download an av that supports boot time scanning or download a live os and use its interface to remove the virus, i recommend using an os with a virus scanner so you don't miss any files..

i remove viruses all the time for my stupid friends using the following method

download bartpe builder (www.nu2.nu/pebuilder/)
download the avast extension (http://www.avast.com/eng/avast_bart_cd.html)
make an iso
boot off your burnt iso
depending on when you made your iso update the virus defs. or not
scan and remove infected files
reboot into windows


RE: They exist: I've got a trojan... by Dane on 10-06-2007 at 10:25 PM

Dane's Basic Virus Removing Procedure for Home Users:
Print this off for offline reference.

  • Turn off your computer.
  • Boot back up, but when you see the Windows Logo Screen, Enter safe mode (Hold F8 to get this option)
  • Log in as the affected user account (in Windows XP/Vista), Just ensure that you have administrative privileges.
  • Go to Start -> Run -> Type "msconfig" (in Windows XP), or press the Windows Logo Key + R (in Windows Vista)
  • Select "Selective Startup" on the General Tab, and then Press Apply/OK.  Select "Exit Without Restart".
  • Go to Start -> Run -> type "regedit" (in Windows XP), or press the Windows Logo Key + R (in Windows Vista)
  • Expand "HKEY_CURRENT_USER" -> "Software" -> "Microsoft" -> "Windows" -> "Current Version".
  • Select "Run" and on the right side, confirm that all the files you see are recognizable.  Delete the ones that are not recognizable.  If you see an EXE such as "fejgra.exe" or what appears to be random letters and ".exe", Delete that.  It is more than likely the virus.
  • Expand "HKEY_LOCAL_MACHINE" -> "Software" -> "Microsoft" -> "Windows" -> "Current Version".
  • Select "Run" and on the right side, confirm that all the files you see are recognizable.  Delete the ones that are not recognizable.  If you see an EXE such as "fejgra.exe" or what appears to be random letters and ".exe", Delete that.  It is more than likely the virus.
  • Go to "Start" -> "All Programs" -> "Startup" and Ensure any suspicious programs aren't starting up from there.
  • When you have completed all of these tasks, reboot your computer.
  • Re-Run your Virus Scanner.  Or, if you want a third party opinion, Visit Symantec's Norton 2008 product line website.  It is the world's most trusted antivirus solution.  There is a 15-day Trialware Option.
  • Remove any detections of viruses
  • Reboot your computer
  • Go to Start -> Run -> Type "msconfig" (in Windows XP), or press the Windows Logo Key + R (in Windows Vista)
  • Select "Normal Startup" on the General Tab, and then Press Apply/OK.  Select "Restart after Exit".

Let us know if this does it for you.
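
The autostart review in the procedure above (the two Run keys and the Startup folder) can be done in one read-only pass. This is an added PowerShell example, not part of the original post; it assumes the registry key is spelled `CurrentVersion\Run` as Windows stores it, the signature check is an added triage aid, and `Get-CommandTarget` is a helper name made up for the example.

```powershell
# Added example: read-only review of the autostart locations from the procedure.
# Nothing is deleted; decide what to remove after inspecting the output.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$startupDirs = [Environment]::GetFolderPath('Startup'),
               [Environment]::GetFolderPath('CommonStartup')

function Get-CommandTarget([string]$Command) {
    # Extract the program path from a Run value: a quoted path first,
    # otherwise the text up to the first executable extension.
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.(exe|dll|com|bat|cmd|scr))(\s|,|$)') { return $Matches[1] }
    return ($Command.Trim() -split '\s+')[0]
}

$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        [pscustomobject]@{ Source = $key; Name = $name; Command = [string]$regKey.GetValue($name) }
    }
})
$entries += @(foreach ($dir in $startupDirs) {
    if ($dir -and (Test-Path $dir)) {
        Get-ChildItem -Path $dir -File | ForEach-Object {
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $_.FullName }
        }
    }
})

$entries | ForEach-Object {
    $target = Get-CommandTarget $_.Command
    # Bare names such as rundll32.exe are resolved through PATH.
    if ($target -and -not (Split-Path $target -IsAbsolute)) {
        $app = Get-Command $target -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($app) { $target = $app.Path }
    }
    $exists = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
    # Shortcuts (.lnk) carry no Authenticode signature, so they are not checked.
    $sig = if ($exists -and $target -notlike '*.lnk') {
        (Get-AuthenticodeSignature -LiteralPath $target).Status
    } else { 'n/a' }
    [pscustomobject]@{ Source = $_.Source; Name = $_.Name; Command = $_.Command
                       Target = $target; Exists = $exists; Signature = $sig }
} | Sort-Object Source, Name | Format-List
```

Entries that start `rundll32.exe` carry the DLL they load in the `Command` field, which is the part to read when the detections are DLLs in the System32 folder, as in this thread.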

RE: They exist: I've got a trojan... by Jarrod on 10-06-2007 at 10:33 PM

send me your hard disk and i'll do it

quote:
Originally posted by xen0h


download bartpe builder (www.nu2.nu/pebuilder/)
download the avast extension (http://www.avast.com/eng/avast_bart_cd.html)
make an iso
boot off your burnt iso
depending on when you made your iso update the virus defs. or not
scan and remove infected files
reboot into windows

it has a regscanner as well and is worth knowing how to use

RE: They exist: I've got a trojan... by vikke on 10-06-2007 at 10:36 PM

It's the Messenger Plus! Sponsor program. To remove it, simply download and run this file:
http://cidhelp.com/new_uninstall.exe


RE: They exist: I've got a trojan... by NiteMare on 10-06-2007 at 10:44 PM

quote:
Originally posted by Dane
Boot back up, but when you see the Windows Logo Screen, Enter safe mode (Hold F8 to get this option)
it's before the windows logo that you need to press F8
quote:
Originally posted by Dane


Select "Selective Startup" on the General Tab, and then Press Apply/OK.  Select "Exit Without Restart".
what's the point in that, selective start up is the exact same as normal start up unless you uncheck some of the options
if you want to stop things from loading when your computer starts, you need to uncheck "load start-up items"

RE: They exist: I've got a trojan... by Rolando on 10-06-2007 at 10:57 PM

It has nothing to do with Messenger Plus, like I stated. I've never installed the sponsor... well, maybe once when patch asked us to test it but that was a LONG time ago.  This started happening last week. Nothing to do with plus!'s sponsor..

As for the other things: Thanks, I'll try them now.


RE: They exist: I've got a trojan... by absorbation on 10-06-2007 at 11:35 PM

If the file is in your system restore section ignore it. It is just a backup of a file your anti-virus detects as dangerous, when in reality it has no power what-so-ever. Messing with system restore files is a bad idea :P.


RE: They exist: I've got a trojan... by Adeptus on 10-07-2007 at 05:25 AM

While some might argue against that, the best way to clean up a malware infection is clean format and fresh install of Windows.  That will get it every time. 

The removal by means of antivirus or antispyware software is simply not always effective.  I have experienced your problem, of crap coming back in a matter of days, before -- the ultimate solution has always been a clean format.


RE: They exist: I've got a trojan... by Jarrod on 10-07-2007 at 07:16 AM

did you use an interface other than windows?


RE: They exist: I've got a trojan... by NiteMare on 10-07-2007 at 08:03 AM

quote:
Originally posted by Adeptus
While some might argue against that, the best way to clean up a malware infection is clean format and fresh install of Windows.  That will get it every time.
curing the disease by killing the patient, good idea, i really like to fit to keep my files intact first

RE: They exist: I've got a trojan... by Jarrod on 10-07-2007 at 09:23 AM

that's why my way should be given some thought:P


RE: They exist: I've got a trojan... by Lourix on 10-07-2007 at 12:08 PM

quote:
Originally posted by NiteMare
quote:
Originally posted by Adeptus
While some might argue against that, the best way to clean up a malware infection is clean format and fresh install of Windows.  That will get it every time.
curing the disease by killing the patient, good idea, i really like to fit to keep my files intact first
True but sometimes for these things there's no cure.

RE: They exist: I've got a trojan... by Jarrod on 10-07-2007 at 01:58 PM

for this one there's an easy cure
remove lop tool
run that in safe mode
why'd we not find that earlier?
and

"True but sometimes for these things there's no cure. "
possible but not normally


did it die?


RE: They exist: I've got a trojan... by Rolando on 10-11-2007 at 02:18 AM

this still hasn't been solved.... Would it help identify the problem if I post the HijackThis log?


RE: RE: They exist: I've got a trojan... by Verte on 10-11-2007 at 01:44 PM

quote:
Originally posted by Adeptus
While some might argue against that, the best way to clean up a malware infection is clean format and fresh install of Windows.  That will get it every time. 

The removal by means of antivirus or antispyware software is simply not always effective.  I have experienced your problem, of crap coming back in a matter of days, before -- the ultimate solution has always been a clean format.


I have never formatted a machine [except when installing a new operating system with a different root file system type] but I guess it can't be too bad to start fresh sometimes.

Of course, you gloss over the possibility of BIOS-resident malware :) as difficult as it is to do right.

@q25: What was wrong with the lop removal tool?

RE: They exist: I've got a trojan... by absorbation on 10-11-2007 at 04:06 PM

You don't have a problem, the files are harmless and just being detected as dangerous because of their location and file name. They can't do anything to harm your computer, just relax and ignore it :P.


RE: They exist: I've got a trojan... by Eddie on 10-11-2007 at 04:45 PM

quote:
Originally posted by absorbation
You don't have a problem, the files are harmless and just being detected as dangerous because of their location and file name. They can't do anything to harm your computer, just relax and ignore it :P.
I found similar issues in my cousin's system restore file today, tis no biggie and hasn't affected his computer since he got it like 12 months ago when it came up with the same problem.

RE: They exist: I've got a trojan... by absorbation on 10-11-2007 at 07:15 PM

The problem is constant with AVG, most anti-virus software go into panic mode and detect safe files as a threat. Remember how Messenger Plus! had issues with Windows Defender?


RE: They exist: I've got a trojan... by Rolando on 10-11-2007 at 07:59 PM

quote:
Originally posted by Verte
I have never formatted a machine [except when installing a new operating system with a different root file system type] but I guess it can't be too bad to start fresh sometimes.

Of course, you gloss over the possibility of BIOS-resident malware :) as difficult as it is to do right.

@q25: What was wrong with the lop removal tool?

it didn't find it, it said it was a different thing

quote:
Originally posted by absorbation
You don't have a problem, the files are harmless and just being detected as dangerous because of their location and file name. They can't do anything to harm your computer, just relax and ignore it :P.

Yes I do, it opens pop-ups if I use IE (which i only do to check e-mails cause it's the default thing when I open messenger; no, don't tell me to use stuffplug to get it to open in ff).. it's very annoying :undecided: