I have recently obtained a virus and have been hacked in to my email shortly after. I have done a full scan and made a custom scan to check if there are anyu infected files. Unfortunately, I have found 16 infected files but when I have tried to apply an actionm, it does not let me eg. the apply is grey, therefore, not allowing me to do anything. Any ideas on how to fizx, I ahve changed all my passwords, so I shouldnt be hacked any more right? How can I get rid of this. I think they are WIN32’s and also Nsis, Js, HTML and BV files. help. :-[

if you need more information, here are a few exact names of the win files. Win32:hupigon-OAM (DRP)

win32:ZBOT-AVH
win32:vb-eij
win32:small-HUF
WIN32:small-HZH
WIN32:FRAUDLOAD-p
win32:fakeav-ano
win32:BHO-TA
WIN32:agent-sg
win32:adloader-ac

Unfortunately, I have found 16 infected files but when I have tried to apply an actionm, it does not let me eg. the apply is grey, therefore, not allowing me to do anything.

can you attach a screen shot of the scan result ?

I made my own custom scan and it found these, I programmed it to search the operating memory, the system drive and also the dvd drive.

I did another scan and it came up with 32 imfercted files, whether these have replicated, Im not sure. Id like them removed please

As you are scanning the memory it is detecting signatures placed in memory by your anti-spyware programme, which one do you have ?

Try the scan without the memory element and let us know the result

using the setting “scan memory” will give some strange scan results…the forum is full if you search
most often it is signatures from other security programs installed loaded in memory…

so if this was detected as process in memory, then you cant move a process to chest…so the button is gray

if you dont know what you are doing, i recomend using the default quick/full scan with default settings
they are default bc avast means they are the best for the normal user…

well , i do the scan without memory but everything else, it doesnt come up with any viruses but it will take an hour to do so they is nothing yet. My computer is very slow. I am still not ocnvinced it is not a virus otheriwse why would the apply button be greyed out, why was I hacked afterwards and is it replicating

What antispyware programme do you have ?

if you tell me how to find out, I can help you

Download OTL to your Desktop

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[*]Select All Users
[*]Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U*.* /s
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

I get as far as scanning it but then it goes unresponsive. Is it because I use it in the sandbox?

It must run outside the sandbox as it needs to read the registry

how long should it take? 5 minutes?

Probably at the most - unless you have just added a service pack or reinstalled

it exceeds amount of characters on one

if you want, I can highlight a specific spot in both of the logs

if the logs are to big to post here then upload to www.mediafire.com and post the download link here

At the bottom of the post area is a bit marked additional options - use that to attach the log

ok