HELP: Trojan on pc which is now removed but so is AVG

Jo4

waddler_8 wrote: »

It should be as far as I can tell from the various logs you posted, but there can be no guarantees with this kind of thing. You can always repost here if he suspects things aren't right and we can take another look.

THANKS, will do! :T

Jo4

santer wrote: »

Lightscribe

http://en.wikipedia.org/wiki/LightScribe

If you have CCleaner installed, click that, click tools, it should be on the uninstall tab, click save to text file, bottom right, copy and paste that

Ccleaner is not installed.

Jo4

waddler_8 wrote: »

Combofix couldn't clean or replace some files that were infected so unfortunately had to delete them.


http://www.intel.com/support/viiv/updates.htm
http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=pv-58790-1&cc=uk&dlc=en&lc=en

(Check it's correct for your model. Let me know if you need further help with this)

http://www.lightscribe.com/

I'd also uninstall these:

Adobe Reader 8.1.2 (Support for 8x ends very soon) http://get.adobe.com/uk/reader/

Advanced Registry Optimizer
ALOT Toolbar
Conduit Engine
ResultBar 1.0 build 113 (Probably gone already)

I am just after installing LightScribe.

Jo4

dazzaone1 wrote: »

restsrt pc in safe mode with networking by pressing f8 on start up, download superantispyware and maware bytes, update both and run full individual scans, restart pc normally.

I am downloading the first of these, superantispyware, at the moment.

Jo4

dazzaone1 wrote: »

restsrt pc in safe mode with networking by pressing f8 on start up, download superantispyware and maware bytes, update both and run full individual scans, restart pc normally.

I now have both downloadad and updated. I am running Malwarebytes at the moment. Oh no, :eek: I just noticed you said "maware" not malware have you missed an l, please say you have, or I have downloaded the wrong program?

Jo4

Jo4 wrote: »

I now have both downloadad and updated. I am running Malwarebytes at the moment. Oh no, :eek: I just noticed you said "maware" not malware have you missed an l, please say you have, or I have downloaded the wrong program?

I am just googling maware bytes and it didn't bring back anything. Have I got the right program or have I messed up again? :eek:

Jo4

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7943
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421
14/10/2011 12:11:21
mbam-log-2011-10-14 (12-11-21).txt
Scan type: Full scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 335384
Time elapsed: 56 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

waddler_8

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7943
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421
14/10/2011 12:11:21
mbam-log-2011-10-14 (12-11-21).txt
Scan type: Full scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|)

Just an FYI, Malwarebytes should always be run in normal mode wherever possible. It's detection and removal capabilities are far better in normal mode than safe mode. A driver it uses doesn't load in safe mode.

It doesn't hurt to run a full scan, but in most cases a quick scan is all that is needed. The developers will tell you this (post #9 - nosirrah). It checks all the areas malware is likely to be running from. The full scan might find "traces", ie; benign files that are pretty much harmless on there own without the full infection being present but not much more. Although the possible none default download location & droppers are mentioned in the linked topic, generally droppers self-delete after execution. Sometimes, depending on the PC specs and the amount of data present, a full scan can run into several hours.

If you've run SuperantiSpyware, don't be alarmed if it finds (adware)Tracking Cookies - Again, these are harmless.

Jo4

waddler_8 wrote: »

Just an FYI, Malwarebytes should always be run in normal mode wherever possible. It's detection and removal capabilities are far better in normal mode than safe mode. A driver it uses doesn't load in safe mode.

It doesn't hurt to run a full scan, but in most cases a quick scan is all that is needed. The developers will tell you this (post #9 - nosirrah). It checks all the areas malware is likely to be running from. The full scan might find "traces", ie; benign files that are pretty much harmless on there own without the full infection being present but not much more. Although the possible none default download location & droppers are mentioned in the linked topic, generally droppers self-delete after execution. Sometimes, depending on the PC specs and the amount of data present, a full scan can run into several hours.

If you've run SuperantiSpyware, don't be alarmed if it finds (adware)Tracking Cookies - Again, these are harmless.

Thanks! I put it in safe mode as advised by dazzaone1. Would it be best to run it again in normal mode?

I wasn't worrying about the tracking cookies but she has found Rogue.AntiMalwareDoctor, should I be worried? It is still scanning at the moment!

waddler_8

Post the SAS log but I would imagine it's an old trace - possibly a registry entry but I would be guessing. I wouldn't say there's any need to run MBAM again - you can if you want though.