WiredWX Hobby Weather ToolsLog in

 


descriptionantivirus software alert bankerfox.a and win32/nuqel.e Emptyantivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
attack from: 128.1.73.36, port 60859
attacked port: 2229
threat: Bankerfox.a

attack from: 169.61.121.41, port 59125
attacked port: 26920
threat: Win32/Nuqel.E

Both of these keep popping up along with a webpage for Porno.com. How can I remove these? My husband upgraded our free AVG from AVG8 to AVG9 a few days ago and today all the above happened.

Thanks for any help!

descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
Hello and welcome to GeekPolice.net.

My name is Sneakyone, and I will do my best to help get your problem resolved today.

I am currently a student in GeekPolice Academy, and will be a little delayed on each reply, as my instructors must review and approve each reply.

If you have any questions, please ask, and I will do my best to get to the question promptly.

Please wait here, while I get the first set of instructions for you.

descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
Sure, not a problem Smile...

descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
Hi ncapps, Smile...

Welcome to GeekPolice.net!

My username is Sneakyone and I will be assisting you today.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    nvrd32.sys
    /md5stop
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time


descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
tried to download OTL Security Warning popped up that says
"Application cannot be executed. The file ot[1].exe is infected. Do you want to activate your antivirus software now?"

descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
I found where OTL was saved to my program files but I can't open it to run it. Keep getting the same type of warning, that the OTL.exe file is infected, then it asks if I want to activate my antivirus software.

descriptionantivirus software alert bankerfox.a and win32/nuqel.e EmptyRe: antivirus software alert bankerfox.a and win32/nuqel.e

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum