hey guys my avg keeps on popping up 2 boxs saying infecton found and when i tru and remove them it says it can the prossess has been interupted buy user the virus is shows are trojan horse agent.AACS c:/windows/system32/config/systemprofile/appdata/local/microsoft/windows/ temporary internet files/content.IE5/3HUW09UW/so[1].bin and trojan horse generic11.LSG c:/windows/system32/config/systemprofile/appdata/local/microsoft/windows/ temporary internet files / content.IE5/S2VJVYR3/w[1].bin Please some 1 help ???? THANKS 4 any help
either delete your temporary internet files and see if that fixes it or try and delete it with avira or avast antivirus's.
Hi maDdoggnz Please boot into safe mode (repeatedly press F8 after you press the power button) and then scan with AVG again. Remove everything you find. Next, please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file. Rename HijackThis(.exe) to scanner(.exe). Next, run scanner(.exe). A window will pop up. • Click on the button which says Main Menu, then Do a system scan and save a logfile. • Please wait for the scan to be completed. • After the scan has completed, a text window will pop up. Please post the contents of this window here. This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved. NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer. Best Regards
Hey there thanks for the reply i ended up formating my laptop because of this lol but i mad a log with hijackthis for ya ta have a look at im pritty sure im clean now but have a look any ways thanks heeps
lol as expected Thanks for your help any way. Also I have a friends pc here at the moment and i just been cleaning it up a bit for him and was wondering if you could please take a look at his hijackthis log also thanks if you can of stress if you cant im pritty sure i got everything but just to make sure if you wouldnt mind. LOL HIS Kids have been haven a field day not the worst but not good think it all right now tho check out the malwarebytes log wont post it all its huge. And thanks for your help mbam-log-09-01-2008 (19-50-12).txt Scan type: Full Scan (C:\|) Objects scanned: 168889 Time elapsed: 55 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 70 Registry Values Infected: 8 Registry Data Items Infected: 0 Folders Infected: 45 Files Infected: 409
hey maddoggnz Please run HijackThis. • Click on the button which says Main Menu, then Do a system scan only. • Please wait for the scan to be completed. • After the scan has completed, check the following entries. R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: (no name) - {85BDD81D-31FD-4A6B-A73C-3955B128D2EC} - (no file) O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\kelvin the pirate\My Documents\PartyPoker\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\kelvin the pirate\My Documents\PartyPoker\RunApp.exe (file missing) O20 - Winlogon Notify: opnljjk - opnljjk.dll (file missing) O23 - Service: Windows System Viewer (wsvsvc) - Unknown owner - C:\WINDOWS\system\usrsvc.exe (file missing) Click on the button Fix checked NOTE:: Close all browsers before fixing anything. After that, reboot. Best Regards
Hey sorry took me a while ta get arond to doin all done ow heres the new hijackthis log thanks for all your help
Hey maDdoggnz I won't ask your friend to do anymore scans, because I trust Malwarebytes and if after 409 infected files are deleted, the computer is still infected, woah..... If your friend wants to be absolutely sure that every trace of malware is gone, then let me know and we can run some more scans. For right now, the computer looks pretty good. There is still one more thing. Open Notepad. Type in : Code: @echo off sc stop wsvsvc sc delete wsvsvc exit Save this as fix.bat, and then run it. After that, post a new HijackThis log. Best Regards
Hey there done what you said heres the log file also my friend not very computer savy so i tryn to fix it for him. So if you think some more scans might be needed just leme know what you think i should run thanks for your help
Looks good to me. However, tell him his Java is sorely outdated, and after you install the newest version, remember to uninstall all old versions. Best Regards
Hey thanks for that i just ran hijackthis again on another system would you mind having a look at the log for me ? cheers
exLENt lol thats 3 thanks heeps for all your help and sorry if i been a pest lol cheers should be the last you here from me for a while till someone else asks me to have a look at there computer peace
