Touch Forum Moderator Hello
Please post latest Bullguard antivirus scan log.
Look here how to copy it to Desktop -Picture 7
Back to Top
norsenoddy Hello are just having problems getting a full scan it keeps shutting down before it can finnish but showing infections before it shuts down I'll see what we can do. Thanks for the contact Back to Top
norsenoddy Hi, i've managed to get a full scan done now, for some reason the system would shut itself down when i tried to do the scan in safe mode, but allowed it to finish in normal mode. The scan found and solved many serious problems, but not all. It told me that i should restart to delete the remaining problems, but after I did that it failed to solve them, so I have two scan logs, one from immediatly before restarting, and another after the restart. Here is the one before the restart:.exe.exe.txt.exe.exe.txt.txt.exe.exe.exe.exePost Edited (norsenoddy) : 08-02-2009 19:02:42 GMT
Back to Top
norsenoddy Hi, another update: I received a response from bullguard to my scan log, and was advised to restart in safe mode and manually delete the file mentioned above (xxyARjgD.dll). I tried this but was told I did not have permission to delete it, even though I had turned off 'read only' on the files properties, and was logged on as administrator Back to Top
Touch Forum Moderator You can´t delete the mentioned file, as it is part of a (vundo) infection. We need to use special fix tools ->
Once installed, run CCleaner click the Windows tab
Reboot
Please download Malwarebytes' Anti-Malware:
Or here:
to your desktop .
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch
Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Please connect all your external hard drive/flash drive before running Malwarebyte
Once the program has loaded, select Perform full scan , then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location.
NB : If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
to download HJTinstall.exe
Save HJTinstall.exe to your desktop.
By default it will install to C:\Program Files\Trend Micro\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet.
Most of what it finds will be harmless or even required.
Post hijackthis log along with Malwarebytes' Anti-Malware log
Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.
Post Edited (Touch) : 09-02-2009 06:29:09 GMT
Back to Top
norsenoddy Ok, got all that :) Here's the hijack this log: Malwarebytes' Anti-Malware 1.33 (Trojan.Vundo.H) -> Quarantined and deleted successfully. Back to Top
Touch Forum Moderator According to the (removed) infections in malwarebyte log´s, I´ll need to see a combofix log.
But first -it looks like you have two antivirus programs running - Bullguard and AVG8 .
" Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and will typically cause your computer to crash, and will provide less protection . Not more ."
Remove/uninstall from "add/remove programs" in controlpanel:
One of Your antivirus programs. Then ->
Please download Combofix:
And save to the desktop.
Close all other browser windows.
Note combofix is detected by some antivirus programs as a "RiskTool" /infection; it is not a virus. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
If necessary, temporarily disable/shutdown your anti-virus.
Please connect all your external hard drive/flash drive before running Combofix, if you have any
Double-click on the combofix icon found on your desktop.
Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.
When finished, it will produce a logfile located at C:\combofix.txt.
Post the contents of that log in your next reply.
Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.
Post Edited (Touch) : 09-02-2009 19:15:08 GMT
Back to Top
norsenoddy Hi, sorry this has taken me so long, my computer had to be taken to the shop for unrelated hardware problems... Back to Top
Touch Forum Moderator Ok. Let´s try this scanner ->
Please download OTViewIt Double click on the OTViewIt.exe icon on your desktop. If you are using Windows Vista, right click the icon and select Run as Administrator . Check the Scan All Users checkbox and leave Use Whitelist checked. Set the File Age to 30 days. Click on the Run Scan button. Two reports that are located in the same location as OTViewIt will open.
OTViewIt.txt <-- Will be opened Extra.txt <-- Will be minimized
Copy and Paste the logs into your next reply.
Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.
Back to Top
Forum Information Currently it is Sunday, February 12, 2012 3:24 AM (GMT +1)View Active Threads Who's Online This forum has 33728 registered members. Please welcome our newest member, uma shankar .Details 5 Latest Threads
|
Forum Help Manual
