Found a freeware program that's remotely useful for these types of situations. Cyberhawk is a program that can stop what's called a Zero-Day Attack.
A "Zero-Day" attack occurs when your computer is infected by a Zero-Day threat – a virus, trojan or spyware which is so new that traditional antivirus programs have no "signature" to identify the threat.
If a threat cannot be identified, it cannot be prevented or contained. Consequently, Zero-Day threats spread very quickly, and pose the greatest risk to the safety of your computer, your online security and the security of your personal data.
It shouldn't conflict with your anti-virus or spyware guarding programs as it works in conjunction with those. This is just a temporary stopgap measure as by the looks of it, LOP.AX is fairly new. So until someone with actual knowledge of this comes to help either here or at Major Geeks, download and run this for now. http://www.majorgeeks.com/Cyberhawk_d5190.html
Edit: Cyberhawk is one word, not two. Need more sleep. -_-
Sorry, I kinda conked out earlier. Cyberhawk looks interesting, I've never heard of that. Hopefully that should make your clean up job easier. Are there still lots of bad entries showing up in StartUpList? What about HijackThis?
How does it work?
And thanks by the by.
How does Cyberhawk work?
Cyberhawk does not rely on signature files to protect, but instead offers a better solution. Cyberhawk’s advanced ActiveDefense technology intelligently analyzes the behavior of processes and programs on a system and immediately halts any malicious action. The patent-pending ActiveDefense technology is the most intelligent behavioral analysis technology available today. It continuously monitors all activities on your PC at a very low system level and uses a proprietary combination of analytics, risk algorithms, program histories and tolerance thresholds to identify and shut down threats. It proactively paralyzes any activity or behavior that might compromise the security of a PC so the PC is always protected, no matter how new the threat.
http://www.novatix.com/Cyberhawk/FAQs/
Edit: Wait. After further research, it may conflict with your firewall and it could also take a little extra time to uninstall. Consider these things before you install this.
It seems to work with Sygate so it should work for the most part. Don't worry too much about installing it though as uninstalling it just requires you to Run (Windows+R) typing services.msc and stopping the service before being able to remove it from your comp.
Not a specific suggestion, but http://www.hijackthis.de/ is a pretty good HJT analyzer. Just paste your log there and it will tell you what's typically bad.
In addition, following this guide has gotten rid of spyware on every machine I've cleaned (I used to clean machines for monies in college). It's pretty involved, but it's thorough. And thorough is necessary.
Er... not that I don't appreciate this, but you (along with everyone telling me to get rid of DSentry) should read the thread.
We've been working on this for hours and you are just telling me stuff I've already done.
Hence "not a specific suggestion". I'm just stating this for the help of anyone else who may come across the thread. Also, you may want to bookmark those as the HJT log analyzer is a nice tool (so you don't have to keep posting your logs over and over).
Next time I'll keep my mouth shut.
No, don't think of it that way. Most of the time when people collaborate, some of those tend to keep quiet who could provide the chance for something useful. While most people are probably looking for a new solution, it's better to tread on grounds that have already been covered to double or triple check than none at all. Sorry if our posts discouraged you earlier, humans can be quite ambivalent sometimes.
Did you try the Smitfraud fix? Or the Vundo Fix? They are meant for specific ad viruses but they sometimes work for others as well.
Make sure you have Avenger, it will remove files for you on startup, and has a few scripts to remove things like the Rustock.b trojan (pe386, lzx32, msguard). But Smitfraud fix would be better for removing that. You should probably check yourself for this trojan, it's quick and easy: http://forums.majorgeeks.com/showthread.php?t=111077
Also, check through your hard drive and make sure random files aren't being created.
Did you try scanning with SUPERAntiSpyware? Lop.ax is a browser hijacker, so it's classified as spyware.
So, like a dumbass, I decided to check and see where AVG is reporting the virus threats.
They were all coming from my temporary internet files, so I ran AVG twice to disinfect, then I used HijackThis to remove any traces of the virus. Then I went and cleared my temporary internet files, and I believe I may be rid of the virus.
AVG is reporting my system clean, and now when I run HijackThis, the generated dlls aren't showing up. I can't believe I forgot to try something so standard.
I haven't gotten a threat in a while, but I'm feeling things out right now. Thanks everyone for all your help, and I'll keep everyone updated.
In the meantime, how about we turn this thread into a general virus protection thread?
I've actually been fighting a trojan on my dad's computer for a while now. It doesn't really seem that malevolent, but I haven't had the time to put into trying to get rid of it. AVG doesn't help at all.
I guess when I visit him this weekend I'll run HijackThis and post a log. I'm hoping one of you might be able to interpret it better than I can.
Or you can post it at www.hijackthis.de which will analyze your log when you're waiting for or not getting replies.
Thanks to everyone - this thread came in most useful for putting my mind at rest. Hijackthis is very simple and straightforward to use. It looks like the biggest slowdown factor for my computer is because of McAfee, and no malware (which I had expected to be present because of the slowness of my computer) after all!
www.hijackthis.de is a very useful site. Thanks for the link!
There is nothing wrong with DSentry, and yes it comes with Dells. From http://www.liutilities.com/products/wintaskspro/processlibrary/dsentry/ :
"dsentry.exe is an application provided by Dell. It stops the autorun application from executing on disc insertion. dsentry.exe should not be disabled, required for essential applications to work properly."
Thank Doc Holiday, he was the one who came up with the link last page.