  #1  
02-20-2007
kohl
Bronze Member
Join Date: Feb 2007
Posts: 16
[Resolved] Malware and system restore errors

Please bear with me here, I'm not great with technical jargon!

Yesterday my computer picked up some malware, which Avast detected straight away. I quarantined the trojans found, but whenever I rebooted the computer, Avast popped up warnings, having re-detected them.

I tried to read up on how to remove infected files from the system folder (where they appeared to be) and saw that you can disable System Restore, clean up the computer and then enable it once all infected files have been removed.

I downloaded AVG Anti-Spyware to see if it could pick up anything Avast missed, which it seemed to - it found a few Backdoor type nasties which have now been quarantined, and since then nothing has been detected automatically after rebooting.

But I now can't access the system restore feature at all - I get an error message saying 'System restore is Unable to protect your computer. Please restart ....'

Can I be confident that all infected files have been removed and there's nothing left lurking? What's happened to system restore, which was working properly a few days ago? Is there any easy way to repair it?

I've attached a hijackthis log file in case it's of any use.
Attached Files
File Type: log hijackthis.log (8.2 KB, 2 views)


  #2  
02-20-2007
upgrader
Site Manager
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,451
PC Experience: Some Experience

Welcome to PCHF kohl!

A security analyst will be with you soon.

[Moved to Hijackthis Logs]

Chris


__________________
PCHF Rules--PCHF Prework--PCHF Downloads
  #3  
02-20-2007
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,627
PC Experience: PC Illiterate

First off, how much disk space do you have left?

Secondly, have you run through the prework in either upgrader's or my signatures? That would be a good first start; then we can see both the AVG log AND the revised HJT log... I've got an idea of how we're going to fix this regardless, but I want to make sure that nothing is hiding in the wings.

Thanks,

v


__________________

M.C.S.A.
M.C.P.
- MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall
  #4  
02-20-2007
kohl
Bronze Member
Join Date: Feb 2007
Posts: 16

Thanks for the replies .. I have 52 G of disk space left.

I did go through the prework - and the HJT log is from after having done that. Sorry, I forgot to attach the AVG log. I'll do that now.
Attached Files
File Type: txt 20-02-07.txt (42.8 KB, 2 views)


  #5  
02-20-2007
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,627
PC Experience: PC Illiterate

Save the attached file to your desktop, and rename it to fix_restore.reg. Once that is done, double-click on the .reg file; you will be prompted if you really want to do this. Choose 'yes', and it will then say 'successfully merged'. Reboot your system and see if you can get into the restore functions now.

Thanks,

v
Attached Files
File Type: txt fix_restore.txt (2.3 KB, 1 views)


  #6  
02-20-2007
kohl
Bronze Member
Join Date: Feb 2007
Posts: 16

I still get the same error message, I'm afraid.


  #7  
02-20-2007
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,627
PC Experience: PC Illiterate

what the?!?!?!

grrrr...stupid computers......okay, let's go back a few steps.....obviously something doesn't want you to make changes, so let's try this....

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


