My logs after trying to get rid of trojan horse agent2.guf

By glitchpop
May 22, 2009
Topic Status:
Not open for further replies.
  1. Here they are as requested by touch.

    thanks a lot.
  2. touch

    touch Newcomer, in training Posts: 978

    Hello again :)

    The log´s looks clean, How are things running ?
  3. glitchpop

    glitchpop Newcomer, in training Topic Starter

    seems good so far =?
    no more popups or redirects. managed to get superantispyware to install and run which is huge from where i was.
    though on the last scan avg came up with loads of threats and some infections (including some trojans i hadn't seen before). I can't seem to find a log for avg though. I'll have another look and run another scan when as soon as i can.

    thanks for all your help.
  4. touch

    touch Newcomer, in training Posts: 978

    Sounds good :)

    It was a rootkit you have, according to the combolog you´ve posted.

    I´ll therefore suggest you completely uninstall AVG8, because of this:
    "AVG Free does not contain Anti-Rootkit protection so rootkits may be hidden in your system."

    Uninstall your AVG Antivirus
    Run the AVGRemove Tool

    Install Avira Free AntiVirus, from here ->
    Avira
    Or: Avast

    Install, update the antivirus program you have chosen. Run a complete systemscan.

    Please attach the log it produce, along with new hijackthis log.
  5. glitchpop

    glitchpop Newcomer, in training Topic Starter

    looks all clear thanks :)

    Not that I have a hope of understanding the registry report. :blush:

    thanks again.
  6. touch

    touch Newcomer, in training Posts: 978

    Sounds good :)

    Start –Run, type services.msc (or copy/paste) in 'run' box. Click OK. When the services window opens, scroll down to: Alergmttawta
    Right click on it and choose 'properties. You will see a little drop down bar with an arrow. Click on that and change it to ”Deactivate


    Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"


    Reboot, and you´re done.


    Now your computer problems are solved, it is time for the clean-up procedure ->

    You should Create a New Restore Point to prevent possible reinfection from an old one.
    The easiest and safest way to do this is:
    Go to Start > All Programs > Accessories > System Tools > System Restore
    Select Create a restore point, and Ok it.
    Next, go to Start > Run and type in cleanmgr
    Select the More options tab
    Choose the option to clean up system restore and OK it.

    This will remove all restore points except the new one you just created.

    Please download http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe
    Save it to desktop.
    This will remove all the tools we used to clean your computer.
    Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
    When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
    Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

    To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
    http://www.spywareinfoforum.com/index.php?showtopic=60955
  7. glitchpop

    glitchpop Newcomer, in training Topic Starter

    Ok that's all done now. Thanks very much.

    Do I have to go back to this:

    to re-enable this service?
  8. touch

    touch Newcomer, in training Posts: 978

    No, to deactivate it.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.