Computer Hope

Software => Computer viruses and spyware => Topic started by: Sin311 on August 31, 2009, 03:10:02 PM

Title: avast virus chest
Post by: Sin311 on August 31, 2009, 03:10:02 PM
Got a virus in the Avast chest. Was wondering if I could go ahead and delete it from the chest, or should I just leave it alone and keep it in the chest?
Title: Re: avast virus chest
Post by: harry 48 on August 31, 2009, 04:03:08 PM
Delete, delete ::)
Title: Re: avast virus chest
Post by: harry 48 on August 31, 2009, 04:04:43 PM
http://www.computerhope.com/forum/index.php/topic,46313.0.html

Go to the above, complete it, and post the 3 logs here. An expert will see them.
Title: Re: avast virus chest KK posting my 3 logs
Post by: Sin311 on August 31, 2009, 06:00:48 PM
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/30/2009 at 07:09 PM

Application Version : 4.27.1002

Core Rules Database Version : 4040
Trace Rules Database Version: 1980

Scan type       : Quick Scan
Total Scan Time : 00:26:51

Memory items scanned      : 861
Memory threats detected   : 0
Registry items scanned    : 490
Registry threats detected : 0
File items scanned        : 18277
File threats detected     : 2

Adware.Tracking Cookie
   c:\users\nathan.\appdata\roaming\microsoft\windows\cookies\nathan.@doubleclick[4].txt
   c:\users\nathan.\appdata\roaming\microsoft\windows\cookies\[email protected][1].txt

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 6.0.6001 Service Pack 1

8/30/2009 7:45:09 PM
mbam-log-2009-08-30 (19-45-09).txt

Scan type: Quick Scan
Objects scanned: 86722
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:49:35 PM, on 8/30/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\taskeng.exe
C:\Users\Nathan.S\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Ares\Ares.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\MP0JOG0H\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4VJ0DTCJ\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\2LJIKQBF\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_4_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\2LJIKQBF\ADS_3_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DTJCR3K9\ADS_3_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DTJCR3K9\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\LJMKUL24\ADS_3_~1.SH! C:\Users\Nathan.S\AppDa
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\MP0JOG0H\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\4VJ0DTCJ\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\2LJIKQBF\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_1_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_4_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\2LJIKQBF\ADS_3_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\VJ1X1OKH\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DTJCR3K9\ADS_3_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\DTJCR3K9\ADS_2_~1.SH! C:\Users\Nathan.S\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\LJMKUL24\ADS_3_~1.SH! C:\Users\Nathan.S\AppDa
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://*.mcafee.com
O15 - Trusted Zone: *.netzero.com
O15 - Trusted Zone: *.netzero.net
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

Title: Re: avast virus chest
Post by: Karnac on August 31, 2009, 06:43:07 PM
Go to http://www.computerhope.com/cgi-bin/process.pl?o=31174115 for analysis of your HJT log.

Follow the instructions for cleaning.....
Title: Re: avast virus chest
Post by: harry 48 on September 01, 2009, 12:53:08 PM
Just about to say that, Karnac. I've just done it and it seems clear, but do it and read what they say; there are 4


You have Avast and McAfee in your PC; you should only have one. Avast is the best. If you want McAfee out, come back.
Title: Re: avast virus chest
Post by: kizmit661 on September 02, 2009, 09:38:20 PM
I managed to transfer Avast to my laptop, but when I click on the chest it tells me that Initialization of Chest files Action was completed with errors. The 1st time I ran a complete scan... a couple of times it alerted me to Adware and one time to a Trojan but was not able to put into chest, so I just deleted them. How can I fix it so I will be able to use the chest instead of deleting everything?
Title: Re: avast virus chest
Post by: smeezekitty on September 02, 2009, 09:41:36 PM
I managed to transfer Avast to my laptop, but when I click on the chest it tells me that Initialization of Chest files Action was completed with errors. The 1st time I ran a complete scan... a couple of times it alerted me to Adware and one time to a Trojan but was not able to put into chest, so I just deleted them. How can I fix it so I will be able to use the chest instead of deleting everything?
Start your own topic, please.
Title: Re: avast virus chest
Post by: harry 48 on September 03, 2009, 11:23:40 AM
kizmit661, in more pleasant terms than smeezekitty: you should not hijack a topic. Please start your own and then everything relates to you.

And by the way, just delete. Why would you want to keep anything that's found?