We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
pc wont boot up - possible virus
Comments
-
How much did he charge you for restoring the viruses?:p Can you post another hijackthis log.0
-
If you cant install kaspersky ~ Id be thinking of installing AVIRA and scanning with that for now:idea:0
-
Hi all, i gave in today and took pc to a shop. They have found lots of viruses and restored it to last weekend. I am scanning it atm and its still finding viruses :eek:
Man in shop was impressed with what i'd done already so i forgot to mention that you had guided me through it
Did however, tell everyone else what a great bunch you all are :beer: .
Thanks for your patience and all your help
If youve paid him money, id be taking it back as its clearly NOT right:idea:0 -
here is the latest malware log
Malwarebytes' Anti-Malware 1.34
Database version: 1820
Windows 5.1.2600 Service Pack 3
05/03/2009 19:27:55
mbam-log-2009-03-05 (19-27-55).txt
Scan type: Full Scan (C:\|)
Objects scanned: 249449
Time elapsed: 3 hour(s), 13 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 17
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\\Local Settings\Temp\Install_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Patch_MSN_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Patch_MSN_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Install_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Install_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Patch_MSN_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Install_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\\Local Settings\Temp\Patch_MSN_Messenger.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\wextract.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.0 -
The guy put AVG on but it wont update so im going to uninstall it tomorrow and use Kaspersky.0
-
Download AVIRA ANTI VIRUS PERSONAL (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_antivir/
(Inplace of norton that you removed until we can get kaspersky working)
UPDATE and FULL scan:idea:0 -
The guy put AVG on but it wont update so im going to uninstall it tomorrow and use Kaspersky.
Make sure you use the AVG REMOVAL TOOL before trying kaspersky or avira
AVG removal tool
http://www.avg.com/download-tools:idea:0 -
Hi rik, dont want to get this wrong so can you tell me which avg unistall i should use - the 32 bit or 64. not sure which one to click on. Thanks0
-
32 bit
........:idea:0 -
ok, how can something so simple be so difficult
I've clicked on uninstall 32 bit
within a few seconds the avg icon has gone from my taskbar :j
but when i look in my programs its still there :mad:
so i do a search and its found lots of folders including the remove ones ive just run.
has it gone or not ? i havent a clue
ps ive done a reboot also0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards