Sorry but i am asking for assistance in getting rid of a trojan called trojan.duntek.
I suspected my system of having a virus yesterday, but when i checked for my internet security software it was not there. It is the one that came with the motherboard norton internet security 2005. i have recently installed it back and renewed it, downloaded all the updates. It found 2 main viruses one was something like w32.rontkbro or something like that and the trojan, it cleaned up the w32 one but it had already done its damage cause i can no longer see my folder options menu i know there is a way to enable it back using gpedit.msc but i do not remember how. the trojan however it cannot be delete it is located at c:\windows\system32\c_2r12.dll.
Please i am asking for any assistance in solving the problem. Thank you.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

what does the p stand for?

it does not tell me what the p stands for :suspicious:

Follow the instructions and post the requested logfiles. I`ll then see what needs to be removed(if anything) and give you instructions on how to go about it.

In the meantime, you can do the following.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt, as well as the rest of the requested logfiles.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Part of the previous instruction says to show all my hidden folders, but i still am not able to see the folder options. Please assist.

Double click my computer and click the tools menu. Select Folder options and click the view tab. Under Advanced settings, scroll down and click on the "Show Hidden files and folders" button, then scroll down and untick the box next to where it says "Hide Protected Operating System files (Recommended)". Click yes, followed by apply/ok and close my computer.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

sorry but what i mean is i litterally dont see the folder options in the tools menu after the w32.rontokbro(sp) virus infected my computer. it has been completely cleaned though. but as for the report from hijackthis, the character count exceds the limit so i am wondering if there is a way to attach the saved log so as to you can download it. i am wondering where in gpedit.msc to find the setting to make it so the option is visable.

Ok, try this instead.

Go to your control panel and double click the folder options icon. See if that helps.

All log files must be posted as attachments, see HERE.

Don`t forget, I need to see The Avenger log as well as Combofix, AVG Antispyware and fresh HJT logs.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

and i never got the attached script file, sorry if i am frustrating you in anyway but i am new these things >.<

the folder options icon is not there >.<

No worries mate.

The Avenger script file is attached to my post#4.

Follow the instructions without the hidden files and folders bit for now.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

these two are the only ones that working properly.

the file got deleted ... yay i love you howard would marry you but i am not gay XD and i have a girlfriend lol but now i going to have to re-install one of my files but thats no biggy, atleast no more window from norton saying that trojan.duntek cannot be deleted appairs :giddy:

My folder options also came back Thank you guys so much, you are all life savers. Now lol i have one more problem i going to find the right forum to post it in. This website is helping me for when i actually do start a degree in computing, i will do good thanks to you guys For now i will just use my high school knowledge and help from you guys if you don't mind

Your have posted the Avenger script, instead of the Avenger log lol.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as fresh HJT, Combofix and AVG Antispyware logs.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

sorry my bad . here you go.

that is the only avenger file apart from the folders.

Unfortunately, that`s the Avenger log from the first time you ran the programme. What I need is the Avenger log from the secoind time you ran the programme as per the instructions in my post above. I also require you to post fresh Combofix, AVG Antispyware and HJT logs as well. Instructions can be found HERE.

Regards Howard

This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.