Hi i want to ask something…
Can i remove this pup virus(win32:Somoto) with avast or i must download a spyware removal tool??
If ican remove this with avast, how i can do this??
Thanks…
Hi i want to ask something…
Can i remove this pup virus(win32:Somoto) with avast or i must download a spyware removal tool??
If ican remove this with avast, how i can do this??
Thanks…
hey and welcome to the forum.
a simple quick scan should pick it up. but pup is not a virus its a file that could be use for good or bad.
hope this answers your question.
if you want a system check please follow this guide and attach your logs
we need the logs from adwcleaner, mbam, otl and aswmbr.
Somoto is some adware/toolbar browser crap and should be removed
PUP = not a virus / Possible Unwanted Program
thanks…
I dont understand something… Where i am suppose to post the logs or how i do this post???
plzz helppp!!!
Thanks!!!
not post … attach in your next reply
you fin attach button below the text box you write in here
This the logs freom AdwCleaner…
hey also attach the other logs from the guide a posted earlier in this thread.
The log from malware is at greek…
The log from malware is at greek..does not matter ...malware detected is in english ;)
and now we need OTL log …
Hi
I do all this http://forum.avast.com/index.php?topic=53253.0 but when i scaned with avast they find again the win32:Somoto PUP…
What i have to do???
Could you attach the OTL scan please
as i said … we are waiting for you to attach OTL log …
that is the most important log, and the one that will be used to remove any leftovers
ok here it is…
What file location does avast give for somoto ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3658280789-707237801-2741792203-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3658280789-707237801-2741792203-1000\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\S-1-5-21-3658280789-707237801-2741792203-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
C:\Users\Thiodor\AppData\Local\Microsoft\Windows\Temporary Internet Files.IE5\Q6L716AU\bi_downloader[1[.exe|>$PLUGINSDIR\bi_client.exe FOR Win32:Somoto-F
C:\Users\Thiodor\AppData\Local\Microsoft\Windows\Temporary Internet Files.IE5\Q6L716AU\bi_downloader[1].exe FOR Win32:Somoto-J
C:\Users\Thiodor\AppData\Local\Temp\bitool.dll FOR Win32:Somoto-j
Good, OTL will clear the temp files so I will run one further fix to delete the other
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:Files
C:\Users\Thiodor\AppData\Local\Temp\bitool.dll
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
This is the log from the first Run Fix… Now i will do the above Run Fix…
the second one log
How is the computer behaving now ?