8000032.@ virus

Hi,so i have avast poppin up saying it has found 8000032.@ virus can someone pls help me?

Hello,

  1. Please download ComboFix by sUBs from here and save it to your Desktop.
    If you are unsure how ComboFix works please read this guide carefully.
    Note: ComboFix must be downloaded to your Desktop.

  1. Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
    If you are unsure how to do this please read this or this Instruction.

Instructions how to disable avast:

[*]Right click on the avast! system tray icon (
http://www.mcshield.net/pg/images/avast5.png
) in the lower right corner of the screen and scroll up to avast! shield controls;
[*]In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.

Note: Do not forget to turn back on this option after the cleaning by choosing avast! shield controls > Enable all shield options.


  1. Run ComboFix. Click on I Agree!

[i][size=7pt]- ComboFix will display DISCLAIMER of warranty on software.
By clicking I Agree ComboFix shall continue.

  • ComboFix will check if there is a newer version of ComboFix available.
    Click Yes if prompted to download.[/size]
    -If Recovery Console is not installed, ComboFix will offer download & installation.
    Click Yes to allow ComboFix to install Recovery Console.
  • ComboFix will scan your computer in stages, total of 50 stages.
    Do not mouse-click around while ComboFix is running.
    Note:If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart your computer.
    [/i]

  1. When the tool is finished, it will produce a log report for you. (typical location: C:[b]ComboFix.txt[/b] )
    Attach log reports ( ComboFix.txt) back to topic.

Im not so good at this but i did it, the txt file is realy big should i paste all of it? sry for my english :S

Here you go

@andrejmus
You’ve launched CF two time. Instruction does not say to run CF twice.

This is the second log CF.

Please post the contents of the following files

ComboFix-quarantined-files.txt ComboFix1.txt

These are located in the folder C:\Qoobox\

PS: THE will continue to work on your case

Ok i went in that folder all i could find is 2 folders named BackEnv,Quarantine, and 2 text files Add-Remove Programs and ComboFix-quarantined files.

Hi,

Try to find ComboFix2.txt, should be located at the same folder or at C:\

These are all i could find im sending these

Theres also ComboFix folder but its empty :-\

That’s good, you attached correct report…

Let’s check for remnants:

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Please download Farbar Service Scanner and run it on the computer with the issue.
[*]Make sure the following options are checked:

[*]Internet Services
[*]Windows Firewall
[*]System Restore
[*]Security Center/Action Center
[*]Windows Update
[*]Windows Defender

[*]Press “Scan”.
[]It will create a log (FSS.txt) in the same directory the tool is run.
[
]Please copy and paste the log to your reply.

Ok i think i got it…

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

SearchScopes: HKCU - {0F6EB2BF-5B16-4A8E-AF24-DEE9C4CFCCD4} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282698&CUI=UN27581091441945986&UM=2
SearchScopes: HKLM - DefaultScope value is missing.
cmd: netsh winsock reset
CHR HKLM\...\Chrome\Extension: [giolhomkcooifelkdfpejhidfidaahlc] - C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx
C:\Users\User\AppData\Local\CRE\giolhomkcooifelkdfpejhidfidaahlc.crx
cmd: ipconfig /flushdns

2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.

How are the things now? Any problems?

Here we go :slight_smile:

How are the things now, any problems?

I think its ok now since Avast isnt poppin out with the virus message thank you soo much Eagle and Magna :slight_smile:

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[] Remove disinfection tools
[
] Create registry backup
[*] Purge System Restore

Now click on “Run” button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.