Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Omiga/Lpmxp2029.com virus


  • Please log in to reply
8 replies to this topic

#1 yaypandas

yaypandas

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 16 July 2014 - 02:15 PM

Hello folks,

 

Last week I installed daemon tools lite not knowing that it is now filled with viruses and I became infected with an Omiga plus virus - redirecting my homepage, search etc to their websites. I manually removed most of this and ran malwarebytes and ADWcleaner to manage the rest and things seem to be back to normal.

 

However when I access channel 4's on demand video at 4OD I always get a redirect identical to the images seen here http://malwaretips.com/blogs/remove-lpmxp2029-virus/

This leads me to believe that something is still on my computer but every scan I run is missing out on it.

 

Can anyone help me out?



BC AdBot (Login to Remove)

 


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:10:37 PM

Posted 16 July 2014 - 02:46 PM

 Try this.  Download Junkware Removal Tool and run it.  You can download it from here: http://www.bleepingcomputer.com/download/junkware-removal-tool/

 
Download TDSSKiller and run it.
 
 Click the box in the lower left corner that says "Yes, I accept the Terms of use",  and click the START button. Then click the Enable detection of potentailly unwanted applications button and click Start. 
 Click YES to any popups you get.  This will download the virus signature database then scan your system.  That will take a good while to run - on my laptop it took about 2 hours, but you can do other things while it runs.
  When it finishes scanning, click List Threats. Then click Copy to clipboard and paste it into your next post here.
 
Good luck.

Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 yaypandas

yaypandas
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 16 July 2014 - 03:47 PM

Thanks!

 

 

Here's where I am at so far:

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Matt795 on 16/07/2014 at 20:53:24.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1261711400-1238131691-3311403458-1004\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/07/2014 at 21:00:36.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

TDSSKiller found nothing.

 

 

ESET Threats:

 

C:\Users\Matt795\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 a variant of Win32/SoftPulse.G potentially unwanted application deleted - quarantined


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:37 PM

Posted 16 July 2014 - 09:19 PM

Tdss will not find it.

These should

Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
  • If no threats were found, click View detailed log.
    • Click Export and save the log as a .txt file on your Desktop or another location.
  • If the scan detected any threats, click Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes.
    • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
    • Check the box next to Scan Log. Choose the most current scan and click View.
    • Click Export and save the log as a .txt file on your Desktop or another location.
Providing the MalwareBytes' Anti-Malware log file
  • Attach the log file you just saved to your next reply for further review.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 yaypandas

yaypandas
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 17 July 2014 - 02:52 AM

Thanks for the help.

 

MWB

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 17/07/2014
Scan Time: 08:35:36
Logfile: MWB.txt
Administrator: No
 
Version: 2.00.2.1012
Malware Database: v2014.07.17.04
Rootkit Database: v2014.07.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Matt795
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288814
Time Elapsed: 7 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

 

 

ADW

 

# AdwCleaner v3.215 - Report created 17/07/2014 at 08:50:04
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Matt795 - MATT795
# Running from : E:\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Matt795\AppData\Roaming\Mozilla\Firefox\Profiles\0ypb44j6.default-1405199482803\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Matt795\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1828 octets] - [12/07/2014 22:24:27]
AdwCleaner[R1].txt - [1023 octets] - [12/07/2014 22:27:06]
AdwCleaner[R2].txt - [1075 octets] - [15/07/2014 19:34:17]
AdwCleaner[R3].txt - [1196 octets] - [17/07/2014 08:48:39]
AdwCleaner[S0].txt - [1662 octets] - [12/07/2014 22:25:48]
AdwCleaner[S1].txt - [1291 octets] - [15/07/2014 19:35:57]
AdwCleaner[S2].txt - [1118 octets] - [17/07/2014 08:50:04]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1178 octets] ##########


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:37 PM

Posted 17 July 2014 - 11:14 AM

Looks good, how is it running?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 yaypandas

yaypandas
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 17 July 2014 - 03:35 PM

Seems ok! Thank you so much for the help, it is very much appreciated :)



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:37 PM

Posted 17 July 2014 - 09:42 PM

You're welcome
 

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 yaypandas

yaypandas
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 19 July 2014 - 02:48 AM

Sorted.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users