It's Cyber Monday - fantastic 70% discount

Buy Now

Limited time offer:

03

Days

/

00

Hrs

/

04

Min

/

04

Sec

Yet another LopAH problem!

Posted 11/11/2006 6:02 PM
#39169
User avatar

Ty Member

Date Joined Nov 2016
Total Posts: 2
HI



AVG tells me that a threat was detected while opening C:\WINDOWS\gmayk1.dll Trojan horse Lopah



I ran catchme and the log file stated:



C:\WINDOWS\system32\lpt8.kzw

C:\WINDOWS\gmayk1\.upd

C:\WINDOWS\gmayk1\.dll

C:\WINDOWS\gmayk1\.upd



Any help on this greatly appreciated



Cheers
Posted 11/15/2006 6:45 PM
#39318
User avatar

Ty Member

Date Joined Nov 2016
Total Posts: 2
Still got the virus, can anyone please help?




thanks



Posted 11/16/2006 6:12 AM
#39336
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hi Ty :smile:




Sorry, I haven´t seen Your post








Please download: [color=#1991cf>http://swandog46.geekstogo.com/avenger.zip[/url]



by Swandog46 to your Desktop.



Start up Avenger or Test exe.
Check the 'Input script manually' option.
Click the Magnifying Glass icon.
In the box that opens, copy,then paste all the text in the quote box below.

Quote:

[table style="MARGIN-LEFT: 15pt; WIDTH: 100%; mso-cellspacing: 0cm; mso-padding-alt: 4.5pt 4.5pt 4.5pt 4.5pt" cellSpacing=0 cellPadding=0 width="100%" border=0]
[tr ][td style="BORDER-RIGHT: #ffffff 0.75pt inset; PADDING-RIGHT: 4.5pt; BORDER-TOP: #ffffff 0.75pt inset; PADDING-LEFT: 4.5pt; BACKGROUND: #e0f4ff; PADDING-BOTTOM: 4.5pt; BORDER-LEFT: #ffffff 0.75pt inset; PADDING-TOP: 4.5pt; BORDER-BOTTOM: #ffffff 0.75pt inset"]



Files to delete:
C:\WINDOWS\system32\lpt8.kzw

C:\WINDOWS\gmayk1\.upd

C:\WINDOWS\gmayk1\.dll




Registry values to replace with dummy[/color]:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs

[/b]
[/td][/tr][/table]Then click on 'Done'.
Click the Traffic Light icon to start the program.
Then press OK at the prompts to reboot your PC.

After the reboot,



1. Get newest Hijackthis from http://danborg.org/spy/hjt/alternativ.exe
Another name for Hijackthis exe

2 Install it in a PERMANENT folder! Example : c:\hijackthis\

3 Run hijackthis. (alternativ exe).

Choose the "Do a system scan and save a log file" option to perform your scan.

HijackThis will analyze your system, and automatically open a notepad textfile containing the HijackThis log when the scan is finished.

Open the text files containing the logs with a text editor and click Edit -> Select All, followed by Edit -> Copy.
From within the browser window and with the message body text box selected, click Edit -> Paste.



After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt





Please copy/paste the content of C:\avenger.txt into your reply along with a fresh HJT log

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 11/17/2006 2:39 AM
#39379
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Ty - Still with us ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 3, 2016, 4:40 PM (GMT +1)
There are a total of 61,158 posts in 13,448 threads.
In the last 3 days there were 2 new threads and 2 reply posts.

Who's online

This forum has 37,968 registered members. Please welcome our newest member, Old shape.
There are currently no users on-line.