Win32:bprotect-d trj;Win32:bprotect-a trj;Win32:bprotect-b trj infested my PC

Hi
I’m looking for help, please :cry:
I ran a boot scan yesterday on my PC and discovered that it was infested with Win32:bprotect-d trj.
I made a scan and cleaning operation with ADWCleaner and then with Zoek, as indicated in a post on the forum (ref : “Win32:bprotect-d trj infected my computer” - topic 148586.0 - 6 april 14).
Afterwards, I ran a new boot scan and found new trojans on the PC! Win32:bprotect-a trj and Win32:bprotect-b
Could someone help me clean my computer?

Thanks :slight_smile:

Attach your logs. (MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

I made a scan and cleaning operation with ADWCleaner and then with Zoek, as indicated in a post on the forum (ref : "Win32:bprotect-d trj infected my computer" - topic 148586.0 - 6 april 14).
Did you see the WARNING posted by TwinHeadedEagle?
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Never run a fix you find on the net... every fix is unique to the machine it is made for.

follow instructions Asyn gave you and attach the requested logs…

Thanks for your help.
Here attached are the log files for MBAM and OTL.
I tried to run aswmbr 2 times but the app shut down.

Monitoring

Hello,

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.

- Double-click to run it. When the tool opens, click Yes to the disclaimer.
- Press the Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
- The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Hi Argus,
Here are the files attached
Many thanks
Amandine

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


Start
Boxore Client (HKLM\...\{0E365FDA-909F-4939-838A-261DD468D862}) (Version: 4.9.0.0 - Boxore OU) <==== ATTENTION
HKU\S-1-5-21-4213431880-2395434915-3902820846-1001\...\MountPoints2: {5ba9b7b7-2682-11e3-8ba5-f0bf9791c660} - D:\unlock.exe autoplay=true
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Amandine\AppData\Local\Temp\converter.exe
C:\Users\Amandine\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Amandine\AppData\Local\Temp\Quarantine.exe
C:\Users\Amandine\AppData\Local\Temp\silent_pricora_deltaArgs_FR.exe
C:\Users\Amandine\AppData\Local\Temp\{66304BAE-DF45-407D-91BE-DEB32E335A04}-GoogleUpdateSetup.exe
CMD: DEL %TEMP%\*.* /F /S /Q
End

2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.

Please download zoek.zip or zoek.rar by smeenk from here or here and save it to your Desktop.
Unpack the archive…

- Close any open browsers.
- Temporarily disable your AntiVirus program (if necessary).
If you are unsure how to do this, please read this or this Instruction.

- Double-click on zoek.exe to run the tool.
Please wait until the tool starts…

- Copy the text present inside the code box below and paste it into the large window in the zoek tool:

gpt.ini;z 
C:\Windows\System32\GroupPolicy;v
C:\Windows\SysWOW64\GroupPolicy;v 
filesrcm;
startupall;
autoclean;;

- Click on the Run Script button.
Please wait until a log report opens (this can be after a reboot).

- Save notepad to your Desktop and attach zoek-results.log here.
Note: It will also create a log in the C:\ directory named “zoek-results.log”

Hi Argus
Here is the logfile attached
Thanks

You have not done zoek scan.

Sorry Argus. Here is the logfile from zoek
Best,
Almond59

How is the situation now?

My PC works much faster !! Thanks a lot :)))

The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes:
- Remove disinfection tools
- Create registry backup
- Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a fresh system restore point after cleaning.

Greeting.