Hi!

I have recently downloaded the new AVG 8.0 virus scanner. Since doing so, I have had threats come up, which I have removed. The name of the threats (3 of them) are Tojan Horse Downloader Purity Scan.BA. It goes on to say that it's detected at start up.

I noticed that someone else in this form had a similar problem, but was using a different browser. (I am using IE 6.0 and have an XP operting system.) You had the person go into their registry to remove the threat.

I'm just wondering if I have to do the same thing to remove the Trojan. I did do a scan with Trend and my system came up clean, it's only AVG 8.0 that comes up with the threat.

Your help/advice is appreciated.

you can attach a hijackthis log -> purity is easy to spot because the file names look like this -> C:\system??\task??r

Hi!
Thanks for the reply. What is a "hijackthis log"?

Hi! Thanks. I've attached the log as requesed.

I should mention that I ran a scan in safe mode using AVG 8.0 last night and also turned my registry off and on. I read somewhere that that might get rid of the problem, but I'm not sure. My computer is still running slow even though I have high speed.

Thanks for your help.

Attached Files

hijackthis.log (7.0 KB, 1 views)

Hijackthis log looks good, here are my recommendations:

You aren't running Firewall Software. Please download and install one of these first!

Use a Firewall - It is very important that you use a Firewall on your computer. If you use the Windows Firewall you might think that's enough but it only controls inbound traffic. Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most commonly used:
Comodo (Vista Compatible)
Kerio
Online Armor
Zonealarm (Vista Compatible)

--------------------------------------------------------------------------------------------

Download and Run ATF Cleaner
Download ATF Cleaner by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

Firefox or Opera:
Click Firefox or Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

----------------------------------------------------------------------------------

Get a 2nd opinion from online scan and let me know the results
Trend Micro Housecall Free Online Scanner

• It`s one of the very few online scanners that will actually disinfect viruses etc.
• First Open Internet Explorer
• Go to Trend Micro's Housecall website which can be found HERE
• Click on the link that says "Scan now. It's Free"
• A new tab will open where you will have to tick a box to agree to the terms of service.
• Click "Launch House Call"
• Follow any additional on screen instructions
• Select any infections then Fix Checked after the scan

----------------------------------------------------------------------------------

Use Winpatrol to also control what programs start when you turn your computer on.
Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software

Thanks for all the advice. Much appreciated.

We run our computers through a router which has a firewall. I downloaded and was going to run the Comodo Firewall and a box came up saying I had to uninstall any firewalls I had. Is there a problem with me continuing to download the firewall even though the router has this feature? Also, how would I uninstall a firewall?

Thanks

The firewall built into your router is a hardware firewall. Comodo is a software firewall. No conflict there. You don't have an active software firewall so there is no need to uninstall anything.