  • Administrators
Posted

Please elaborate more on what issues you are having with your laptop. If you suspect it to be infected with malware, provide logs collected with ESET Log Collector.

Posted (edited)

I was infected by two different trojans after an evil twin attack: Ymacco and !BOB in system32. sfc /scannow periodically reports that damaged files were recovered.

ELC_logs.zip

Here is the .zip generated by your tool without the ESET SysInspector option.

Edited by tman555
Posted

This is with SysInspector (I was excluding it because it seems to be stuck, but it just takes a longer time).

ELC_logs.zip

  • Administrators
Posted

ESET is not installed. Please make sure to install ESET and run a full disk scan first.

Posted

The complete scan doesn't find anything.

  • Administrators
Posted

There are no suspicious files in your logs. The only weird thing is that there are still AVG files, although it's not among the installed software.

c:\program files\avg\antivirus\aswamsi.dll, , AVG AMSI COM object, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\aswhook.dll, , AVG Hook Library, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\ashshell.dll, , AVG Shell Extension, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\aswcmnbs.dll, , AVG Common functions, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\dll_loader.dll, , AVG dll loader, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\aswcmnis.dll, , AVG independent functions, AVG Technologies CZ, s.r.o.
c:\program files\avg\antivirus\aswcmnos.dll, , AVG HW dependent library, AVG Technologies CZ, s.r.o.

Besides that, there are errors like this:

Filter Manager: Failed to connect to volume '\Device\HarddiskVolume3'. A system restart is required for the volume to be available for filters. Final Status: 0xC03A001C.

The device driver for the Trusted Platform Module (TPM) has detected a fatal error in the TPM hardware that prevents the use of TPM services (such as data encryption). For more information about this hardware issue, contact your computer manufacturer.

Did you enable data encryption?

Posted

AVG files were there because I didn't restart the computer. No, I didn't enable data encryption, but at this point I think someone disabled it.

Posted (edited)
4 hours ago, Marcos said:

The device driver for the Trusted Platform Module (TPM) has detected a fatal error in the TPM hardware that prevents the use of TPM services (such as data encryption). For more information about this hardware issue, contact your computer manufacturer.

Did you enable data encryption?

The TPM issue can be caused by a number of different reasons. Best to search the web for solutions. The first one I would try is to update/reinstall the TPM driver via Windows Device Manager.

Edited by itman
This topic is now closed to further replies.