TechSpot

8 Steps Completed

By seanpaulz
Dec 20, 2009
  1. My antivirus program picked up (4) Trojan.FakeAV

    Attached are my logs.

    Please let me know if I need to do anything else.

    Thanks.

    -Sean
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Hi again! I see I asked you to run an online scan with Eset because the system was still finding Trojans- back in July. But I never got a log:

    http://www.techspot.com/vb/topic130886.html

    Since your current logs are clean. I'd like you to do that scan now: You will need to disable your surrent security which will include this:
    SYMANTEC ENDPOINT PROTECTION
    Right click on the icon in the taskbar notification area & select "Disable Symantec EndPoint Protection".

    [​IMG]

    Run Eset NOD32 Online AntiVirus Scanner HERE

    Note: You will need to use Internet Explorer for this scan.
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    Please attach the logs to your next reply.
     
  3. seanpaulz

    seanpaulz TS Rookie Topic Starter Posts: 18

    I ran the program and the log is attached.

    Thanks.
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    There are 3 files showing in Qoobox which is where Combofix outs the quarantined files. When did you run Combofix?

    There are no active infections showing. Be sure to enable the Symantec Endpoint Protection.
     
  5. seanpaulz

    seanpaulz TS Rookie Topic Starter Posts: 18

    I have not run combofix since the previous posts that you reference to earlier.

    At this point is there anything else I should do?

    The computer seems to be running fine now.

    Thanks for all your help.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    If we had finished the thread in July, I would have had you uninstall Combofix:

    And if the problem has been resolved, you can remove the cleaning tools and old restore points:
    Remove all of the tools we used and the files and folders they created
    • DownloadOTCleanIt by OldTimer
    • Save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    The tool will delete itself once it finishes.

    If you are prompted to Reboot during the cleanup, select Yes.


    You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:
    • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
    • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
    • Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
    • Click "OK" to select the partition or drive you desire.
    • Click the "More Options" Tab.
    • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

    Empty the Recycle Bin

    IF I can be of help in the future, please let me know.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...