Hi,
I'm new to this forum and it seems like quite a God sent for me at the moment. Here is my issue.
After AVG scanned yesterday it located 12 trojan horses in my old exe files (AVG logfile calls it - trojan horse PSW.generic5.agop).
The file was named editor_loader.exe which is located in directories where a 3rd party software is located ( a number of copies and different versions of this 3rd party software which allows me to reprogram my car's engine - LT1Edit )

AVG seemed to take care of the issue by putting these files in the virus vault, but today on startup these 12 trojans came back again along with more.

Attached is aHiJackThis! logfile.

Here are system specs:
AMD Athalon 3200
Asus A8N SLI motherboard
ATI 300SE 256M graphics card
Hapauge 1600 PVR (TV) card
Maxtor 200G HD
1G Ram
LaCie 500G backup drive (was turned off during all above)

I have not expereinced any different performance in my PC since seeing the trojan appear in AVG but I have been seeing ongoing issues since I put this PC together about 2 years ago.
Since 2 years ago on start-up I sometimes get a very long delay at the load XP screen and also randomly my maxtor HD does not get recognized at startup. Takes many reboots for the HD to be recognized eventually.
If any known solutions exist for that HD issue also, let me know.

Any help is greatly appreciated!

Thx in advance

Attached Files

hijackthis.log (9.1 KB, 3 views)

Oh yeah,
1)Please advise on how to scan my backup drive also
and
2)The editor_loader.exe file will be needed for any future installs. Is there a way to fix this file?

Hello crazyman,

There may be a variety of issues here. If you have had issues since building the system, there may be some hardware compatibility issues.

Click Start>Control Panel>Add/Remove Programs
Uninstall MyWebSearch

Where did you get the program "editor_loader.exe"?

What are you trying to scan your backup drive with?

Thanks.

Hi Steve,
I just removed MyWebSearch toolbar

Editor_loader.exe was a program I downloaded many years ago from a website. not sure who the author is. It has been run a few time in the past without issue.

I have the free version of AVG and was thinking of running a scan of the backup drive with it after I sort out the main drive.

Is there anything else I can do to ensure the virus is removed and files fixed?

Could you please "zip" and email a copy of the program? I can submit it to other anti-virus companies to determine if it is indeed infected or if it is a false detection by AVG, I can then notify them to correct it. You should be able to select the drive or the "whole computer" to be scanned by AVG (I would have to look at the actual steps to do it)

Download SilentRunners.vbs
Unzip it to a permanent folder.
Read here how to unzip/extract properly:
Help removing and preventing spyware - Compressed folders XP
Start SilentRunners.vbs
When your antivirus is giving an alert, do not block this. Allow the script.
When the scan is done, notepad will open with a log in it. Please close this again.
I'll need that log later.
Normally that log is saved automatically in your silent runners-folder.
Attach the log it created.

Thanks.

Here is the silent runners log.
But,
I can't seem to access the infected file to zip as AVG keeps saying it is infected and shuts me down from even locating it?
Even when I go to my backup drive that has not been scanned AVG shuts me down as soon as I open the folder where it resides.
Any ideas?

On a positive note when AVG did a scan today it found no viruses?
Can I believe this or should I investigate more?

Shawn

Attached Files

Startup Programs (MISTERXPUTER) 2008-01-14 21.29.18.txt (16.1 KB, 2 views)

Are you able to disable AVG for the period of time while you access the file? This would be good to get analyzed so AVG does not delete valid files (if that is the case).