I am new to avast I had AVG and today my PC got infected with a bunch of trojans. I tried to clean it with AVG but seemed like no end. These bustards were recreating. I removed AVG and installed avast. I updated definition and scheduled run before a boot up. Avast found a bunch of virues and I either deleted them or moved some to chest. here is what I still have in chest Win32:Cutwail-Y in a file agp440.sys and Win32:Trojan-gen in a file hostmon.exe. I dont recall what were the other bustards. I run a sniffer and I noticed I had a huge network traffic to unknow IP addresses. I looked at the packets and I had lots of smtp messages from random mail servers saying that my IP is flooding their servers with messages.
Anyways the PC seems to be working fine now and seems like my PC is not sending any mere messages. I dont see any network traffic any more but I got this little mail scanner icon in my try.
the mail scanner says [svchost.exe-.64-120-147-85.hostnoc.net]. I am afraid I may still have some sntp engine running and trying to send some junk from my PC but the mail scanner blocks it from doing so.
Anyone can help how to stop the smtp engine?
In case it would make any sense here is a hijackthis file from my PC. I guess no hijackthis file due to too many characters for this post
I do not know if you have two resident av solutions running on your machine, that is bad because they are going to find each other signatures (like two dogs fighting in stead of guarding your home). So you either have one resident av solution installed like avast (uninstall the other) and do a boot scan with that.
By the way after that scan give me your HijackThis log as an attached txt file: (See under additional options where it says Attach), then I will make an analysis for you. Wszystko będzie dobrze, nie panikuj!
All rights thanks for your replies. Just to remind I did a boot up scan and got rid of some of these. so here i am looking for the attach icon and cannot find it. there is some icon which looks like attachment but it is grayed out. any ideas?
Your Hosts File has something not right, So:
Download and install HostsMan.
after install run it, click on “update Hosts”, choose “MVPS Hosts” and in below options choose “Overwrite Current” hosts.
this step would immunize your Hosts File and would prevent any internet traffic to malware sites and also would fix Windows Hosts File if it has been HiJacked by malwares.
Some additional options to make sure your computer is running healthy:
Download, install and update these programs (just use Offline update installer if you cannot use Live Update to update your programs):
scan your computer using them and let them remove everything they found.
also, to try another antivirus engine, you can try:
The Avira AntiVir Rescue System a linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, to rescue data or to scan the system for virus infections. Just double-click on the rescue system package to burn it to a CD/DVD. You can then use this CD/DVD to boot your computer. The Avira AntiVir Rescue System is updated several times a day so that the most recent security updates are always available. You can download it from Here. You can learn how to use it from Here.
also, if you want to burn that disc yourself with your own burning tool (Such as Nero or…), you can download the Image File (.iso) from Here.
After burn it to disc, use it to boot your computer and do a full scan and remove everything it find.
Thank you for this so-called “quick and dirty” on the major issues here, it might be just the thing his machine needs at the moment to again start to run smoothly.
@ zxj24 Just follow all the advice in this thread,