Backdorr.Bifrose ffx07.exe

I am assuming that you have removed the external hard drive. At which point I would suggest that you boot into safe mode and attempt to first run ComboFix....and then see if you can run the other scans.

 

Did you rename ComboFix? Can you at least run the MGTools.exe?
Even if you reformat, once you hookup the external, you will probably be re-infected, so it would be best to try to clean you now. You could also start by removing the files you mentioned.

 

Either rename to cf or combo-fix......let me know how you make out.

 

You are not clean......

Let's use ComboFix to remove a bunch of malware files.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
o If it is not on your Desktop, the below will not work.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
C:\WINDOWS\up.txt012
C:\WINDOWS\up.txt0
C:\WINDOWS\up.txt01
C:\WINDOWS\ffx14.exe012
C:\WINDOWS\ffx14.exe01
C:\WINDOWS\up.txt01234
C:\WINDOWS\up.txt0123

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe
* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now ATTACH the new log from ComboFix and continue with the instructions here:
READ & RUN ME FIRST. Malware Removal Guide

 

You have AVG8 installed..so there is no reason to install Symantec.

You can use the removal tool HERE

 

Is your only problem left re-installing Symnatec? You say your company has license for it...is this on a domain....and is the program installed from a company server?

 

If the error you get is that you may not have privileges to install, then I would suggest you contact your IT person to do it. You would need to have an administrative accout in order to start the service I suspect.

You can find out by going to start / run / and type "services.msc" without qoutes and scroll down to the symantec service and see if you can change it to either manually start or auto start.

 

Unfortunately, the only way to remove a virus from the external hard drive is to connect it and run the SAS and Malwarebtyes scans with the external as the target. You can also then run an online scan with BitDefender. You need to do it using IE.

Go to Bitdefender agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

Click-on the Detected Problems tab. Then select Click here to export the scan report

When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.