I dont really have much knowledge about malware removal to please forgive when i use the wrong jargon
ok the other day AVG told me i have a virus, i think it was a trojan, so i "healed" it but i dont think it worked... cause it kept popping up every couple of hours or so.
i did i virus scan using AVG and using Malwarebytes and i think about 60-70 infections were found.
with AVG it wouldnt give me the option to remove or heal them but it did with Malwarebyes (but i dont think it did anything)
I later read on one of the scan reports that they were effecting some of my system files and i guess this is why i wouldnt heal or delete them.
Now i shall tell you what i have done to try and remove them.
AVG CD rescue:
-i downloaded and mounted the image to a cd and booted it on startup,
-Scanned and healed the files. (AVG CD rescue)
-rebooted in windows and scanned with AVG and found 16 infections...
-booted with AVG CD rescue AGAIN and updated virus database
-rescanned with AVG CD rescue
-rebooted in windows and found i still had 16 infections...
-rebooted in AVG CD rescue and scanned and it found no virus then i repeated this and found still no virus...
so at the moment there are 16 infections which i have no idea to get rid of
AVG calls them SYSENTER hook ->0xFFFFF800034C0BC0
the numbers at the end change slightly thoughout the 16 infections
Let me know what scan results you would like and i'll post them
ohh ive upload the two logs from the dds scanner
when doing the scan with GMER, I have turned off my AVG protection and then open the GMER and instantly a message comes up
"c:\Windows\system32\config\system The process cannot access the file because it is being used by another process"
I click OK then i follow the directions in the forum for this program and click scan
It starts scanning then come up the the error messages
"c:\Windows\system32\config\system The process cannot access the file because it is being used by another process"
"C:\Users\John\ntuser.dat: The process cannot access the file because it is being used by another process"
Then finishes the scan,
I have attached that scan report of the GMER in this post
dds scan 1.zip 10.01KB 100 downloads
GMER.txt 51.41KB 184 downloads