Help needed

Status
Not open for further replies.
My computer has been choppy. If that makes any sense. Either way I have followed the instructions provided and have attached log files. The root kit test came back with something called ATUVP. I took a screenie but I don't think the site is letting me upload it in .bmp format because of file size limitations. I could FTP it somewhere if needed. Help please.

edit - I have attached the screenie.
 
Hi michaelboltn and welcome to techspot. =)

Important: Please read this thread HERE before you decide whether to clean or reformat your system. It is a particularly important decision in this case, as your infection shows signs of spyware and surveillance programs.

Should you decide to clean your computer, please do the following.

You have not posted your AVG antispyware log; please do so in your next reply.

You may wish to copy and paste these instructions on notepad for easier reference later.

Boot into safe mode under your normal user name. See how HERE

Next turn on "Show all files and folders, including hidden and system". See how HERE

Go to start > run and type services.msc. Press the enter key.
Search for the following services. Double click to select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

ShellService

After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

O21 - SSODL: ShellService - {8FB2D6CA-E258-48CF-9DAB-EEFB735E225C} - C:\WINDOWS\system32\config\atuvp\ShellService.dll

Close HJT.

Run AVG antirootkit and do a full system scan. Fix every single file and folder related to atuvp.

Reboot into normal mode and rehide your protected OS files.

Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.


Regards,
Your friendly momok =)

This thread is for the use of michaelboltn only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.
Back