AVG virus vault?

[IH8PunkRok]

when a virus is in the virus vault does that mean the virus cannot do any damage?
and if i tell it to empty the vault does it delete the virus permanantly?

(slightly off subject)
i have backup copies of trojans that i cant seem to get rid of, wut do i do?

thanx
-rok

 

[howard_hopkinso]

Yes, a virus in the virus vault can`t do any damage.

When you empty the virus vault the files are deleted.

i have backup copies of trojans that i cant seem to get rid of

Can you explain exactly what you mean? Where are these backups stored?

Regards Howard

 

[IH8PunkRok]

well avg got rid of two trojans and apparently they copied themselves cause they are back again but it says they are backup files

 

[howard_hopkinso]

Can you give me the filepaths to the trojans?

I also suggest you post a HJT log as per these instructions HERE.

Regards Howard

 

[IH8PunkRok]

ok the file destination for one is
C:\DOCUMEN~1\Matty\LOCALS~1\Temp\!update.exe

where do i get the hijackthis program?

 

[howard_hopkinso]

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

!update.exe

Close task manager.

Delete the following bold file.

C:\DOCUMEN~1\Matty\LOCALS~1\Temp\!update.exe

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

The link to where to get HJT is in the instructions I gave you.


Regards Howard

This thread is for the use of IH8PunkRok only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[IH8PunkRok]

ok hers the HJT log

 

[howard_hopkinso]

Your system is infected with all kinds of crap.

Go HERE and follow the instructions exactly.

Post fresh HJT and Ewido logs as attachments into this thread, only after doing the above.

Regards Howard

This thread is for the use of IH8PunkRok only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[IH8PunkRok]

aight i did everything u told me too
check it out

 

[howard_hopkinso]

Well done, your HJT log is almost clean.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R3 - URLSearchHook: (no name) - {CC3EB4F8-2939-7FEE-47F2-74E2EC73239A} - (no file)

R3 - URLSearchHook: (no name) - {9769E3F9-283B-7FBE-10F2-74E2EC73209C} - C:\WINDOWS\system32\gteq.dll (file missing)

O2 - BHO: (no name) - {9769E3F9-283B-7FBE-10F2-74E2EC73209C} - C:\WINDOWS\system32\gteq.dll (file missing)

O2 - BHO: (no name) - {CC3EB4F8-2939-7FEE-47F2-74E2EC73239A} - (no file)

O16 - DPF: {A2E05F45-F127-4092-B9F7-9A02C3E04C77} (HGPlugin7USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin7USA.cab

Click on the fix checked button.

Close HJT.

Delete all files in Ewido quarantine.

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

Post a fresh HJT log and let me know how your system is running

Regards Howard

This thread is for the use of IH8PunkRok only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[IH8PunkRok]

ok heres the new one

 

[howard_hopkinso]

Absolutely clean as a whistle mate.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of IH8PunkRok only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.