Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
I was wondering why my frontpage wasnt working it had never worked,pressed a couple of buttons then got a prompt at some point to this OFFICEXP.EXE, thats when I got this worm on my p.c, a stupid mistake,I thought it was updating my microsoft office software, its now led to my computer being infected. I've tryed all the virus's checks and alot of spyware removers. Any help is much appreciated. It reads LSA in Spybot. Stu77.
I followed the removal procedure for the worm, and there was no OFFICE.exe in any of the folders. When I start up the task manager though theres 2 process'es MSMSGS, and WUAUCLT, one a worm and the other some form of spyware, sxxx my p.c has problems. What I did find in one of the folders was ccApp, symantecs keylogger detector, or another piece of spyware?
0 
stu77, Use this online virus scanner and post the log it produces Panda Activescan
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to the desktop. Open it,copy/paste into this text editor and post it along with an HT log.
0
As it did a couple of days after I thought the computer was clean. Panda scan freezes up at this, twice now:
C:\WINDOWS|System32|HPZipm12.exe
0
Ok, run the trendmicro scan again and delete anything it can't clean and make a note of it.Run spybot and right down the full path of the any registries that it finds.
Put the C:\WINDOWS\System32\HPZipm12.exe in the recycle bin but don't delete it yet then go to this hp link http://welcome.hp.com/country/us/en/support.html let them detect you serial number the update the printer drivers.
0
I tried Trend Micro again twice, and looks good to me no worm this time. I then tried Spybot and shows as LSA again. So I then Removed Spybot 1.3 and all its components, and downloaded 1.4. tried to do an automatic update while installing and a program IS-TAIDO.tmp tried to get on my computer, i blocked it. Updated, everything, and now Spybot says I'm completely clean, hooray!!! thanks for help from Jabuck, and John Matt. I'm Fxxxin happy!
0
check this out, i clicked on the web, then just for safety purposes did another check it found these, Double click(1), ISearchTech.Sidefind(31), Excite(9),LSA(2), Media Plex(1), it said its deleted all, LSA is nooo more! this best not jinx me. Stu77. Goodbye to the worm, hopefully.
0
Hey stu77, Those sorta look like cookies.I noticed earlier that you have not updated windows to sp2. Although some disagree, security is much better with sp2, you might consider doing that.
0
I've got to do that yeah, i have a couple of problems with SP2, but i think i can get it sorted out, and working.
The Spyware cookies are detected just after clicking on my browser, and come back all the time,LSA is definately gone, and the one that changes the toolbar and history,gone, cool with that.
I use P2P shareware(or whatever its called) and found they target people alot. I fell for it recently, downloaded a Zip file, named with something I wanted, opened it, and prompt came up from Norton, removed a virus from it. You'd think these program could stop these things going on. I got to watch what I'm doin. May have to learn also about better setting up to block certain cookies, John Matt- thanks for info with reference to cookies. Stu77.
0  |
 How can they detect my in...
|
Trojan horse Generic DJD
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
