[Inactive] 8 step logs

Status
Not open for further replies.
F

Flannelwarrior

Posts: 131   +0
Comodo virus scanner also removed several threats, but I can't find the plaintext or html logs
 

Attachments

  • mbam-log-2010-03-10 (16-41-47).txt
    983 bytes · Views: 3
  • hijackthis.log
    6.4 KB · Views: 5
  • SUPERAntiSpyware Scan Log - 03-10-2010 - 21-13-53.log
    464 bytes · Views: 2
If would be very helpful to know what the problem is.

You also need to remove AVG since you are now using the Comodo Security Suite:
AVG Removal: Note: You may have to reinstall AVG to uninstall it fully
 
AVG is gone.

My Comodo log is an htm file which can't be attached.

There was a large occurance of "Heur.Suspicious@100221209" in C:\WINDOWS\system32\NTAgent.exe, C:\System Volume Information\_restore{AD59D2D3-9557-4F15-938F-8763BF16B5A2}\RP5\A0000145.exe


I don't think this virus is gone because Comodo still gives me popups about it sometimes.
 
Okay,m we can go through the system for malware. But I would like to explain what System Volume is> these are the System Restore points. If you have malware only the these files, it is not active in the system. at the end of cleaning, we have you remove the old restore points and set a new clean one.

The only danger of malware in that location is if you do a system Restore from a date that had an infected file. Then you could reinfect a clean system.

One thing you did not do was check the part in Malwarebytes to have it remove the entries it finds. So the malware entry shows No Action Taken Please update Mbam and scan again, taking care to follow this:
"When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected."

Asus has an app called Super Hybrid Engine. It's function is to manage the power in the EeePC allowing it work for more hours. Also, it may manage some Fn keys. Your entry for this is:
O4 - Global Startup: SuperHybridEngine.lnk = ?
The full entry should be:
O4 - Global Startup: SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

It might not be functioning properly and if you use it, you might want t reinstall the process.

Please Run Eset NOD32 Online AntiVirus Scanner HERE
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the Active X control to install
  • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
I'll check that log for you and see if anything further needs to be done. I am also requesting a better description of the problem. Win32Heur is a virus frequently found by AVG. It can be an indication of another more serious malware infection. Comodo is telling you that a file or files in the System Restore folder fits this profile. But unless we find it elsewhere, it isn't significant and I'll have you remove it when we're through.
 
Status
Not open for further replies.

Similar threads

A
Google will begin deleting millions of inactive Gmail and Drive accounts in December
Replies
4
Views
376
anastrophe
anastrophe
D
Rogue Chrome extensions can steal passwords from websites such as Gmail, Amazon & Facebook
Replies
2
Views
372
Eldritch
Eldritch
midian182
Ubisoft will delete your account, along with your game library, if it's inactive for too...
2
Replies
26
Views
1K
jfreddy82
jfreddy82

Latest posts

Back