Win32: Dropper-gen (Drp).dll and.exe

[REDACTED]

Hi

Is this junk present only in IE? What about the other browsers?

[e.harvey]

I only have IE and Safari. I did have Chrome which also had the Omiga home page, but I deleted it because nobody really used it. Safari is junk free so far as I can tell.

[REDACTED]

Hello

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:

Code: [Select]

createsrpoint;
iedefaults;
autoclean;


• Make sure that Scan All Users option is checked.
  
• Push Run Script and wait patiently. The scan may take a couple of minutes.
  
• When the scan completes, a zoek-results logfile should open in notepad.
  
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Dont forget to re-enable your previuosly switched-off protection software!


Is that invasive omiga site still there?

[e.harvey]

Thanks for your reply Naathim. Scan results attached.
Wierdly, the Omiga homepage has disappeared and Google looks normal again, but isn't functioning well. Some pages work, some won't. For example I can click on this forum link from my emails and it works on IE and I can post fine, but I click on other links, from my emails or even from my favourites on IE, and they don't work at all - I just get a blank page. Searching isn't an option either. My pc is also very slow for the first time today since I've had these problems. Safari is still working fine, but on a go slow. Happy days!!

[REDACTED]

So let's investigate further


Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
  
• Your machine may appear very slow and unusable after that - it's normal.
• TDSSKiller will run automaticaly. Click on Change parameters.
  
• Make sure that Verify driver digital signatures & Detect TDLFS File System are marked and click OK.
  
• Click the Start Scan button and wait patiently.
  

If anything will be found follow this guidelines:

• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  If Cure is not available, please choose Skip instead.
  
• Do not choose Delete unless instructed!
  

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.

[e.harvey]

I have attached the file - but there was nothing found!?

[REDACTED]

Hello

Was it the only one logfile there? Should be also another one. If the scan has been done succesfully, there should be a logfile full of text, and not that short.

[e.harvey]

Ok here we go - not quite sure what happened the first time. Here is a much longer report, but still no threats found...

[REDACTED]

Hi

This scanners produces logfiles that are interpreted in a slightly different way, other than only "No threats found"



Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:

Code: [Select]

createsrpoint;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;

• Make sure that Scan All Users option is checked.
  
• Push Run Script and wait patiently. The scan may take a couple of minutes.
  
• When the scan completes, a zoek-results logfile should open in notepad.
  
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
  
• Make sure that Addition option is checked.
  
• Press Scan button and wait.
  
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
  

Please include their content into your next reply.

[e.harvey]

Reports attached...

[REDACTED]

Hi

I need a second opinion scanner.


Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

• Accept the Terms of Use and click Start.
  
• Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

• Download esetsmartinstaller_enu.exe that you'll be given link to.
  
• Double click esetsmartinstaller_enu.exe.
  
• Allow the Terms of Use and click Start.
  

To perform the scan:

• Make sure that Remove found threats is unchecked.
  
• Scan archives is checked.
  
• In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  
• Click Start
  
• The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
• When completed, the program will begin to scan. This may take several hours. Please, be patient.
  
• Do not do anything on your machine as it may interrupt the scan.
  
• When the scan is done, click Finish.
  
• A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
  

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!

[e.harvey]

Hi Naat,

I can search and find the link for Eset on IE, but it won't actually take me to the page - this is one of the problems I've been having. IE seems to pick and choose what it lets me do. So shall I install Firefox or Chrome? Or should the scan be on IE that's where most of my problems are? The link from my emails to this forum seems to work on IE. Would it be possible, to send me the link directly in an email? This may not be possible! LEt me know

[REDACTED]

Try using this link, but do not click on it, instead highligh it, copy and paste directly into the browser:

Code: [Select]

http://www.eset.com/online-scanner-popup/
How do you connect to the internet?

[e.harvey]

We have been using Safari, though like I say, I have still been able to use IE (which is still the default browser for my emails) to reply to you through this forum.

[REDACTED]

I meant - are you sitting behind a router? Is it a wire connection, WiFi, mobile phone one?