Hi, I too am having problems with Avast giving me frequent warnings that Win32 downloader-pku has been blocked and moved to chest. Does this mean that my machine IS infected or does it just tell me that a threat has been made. Yesterday I ran the anti malware programmes and each time there were threats that have been removed. If my machine is infected and I am not able to remove the threats I do have a disk image file that was created by Win7 backup from about 3 weeks ago. Would it be safe to reload the pc from this ?.
Here are two of my log files I got when running malware software yesterday.
log 1
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.orgDatabase version: v2012.07.16.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
S&J :: SJ-LAPTOP [administrator]
16/07/2012 11:35:04
mbam-log-2012-07-16 (11-35-04).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249703
Time elapsed: 22 minute(s), 12 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\S&J\AppData\Local\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\n. -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\U\00000004.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
(end)
log 2 from a full scan
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.orgDatabase version: v2012.07.16.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
S&J :: SJ-LAPTOP [administrator]
16/07/2012 11:35:04
mbam-log-2012-07-16 (11-35-04).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249703
Time elapsed: 22 minute(s), 12 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Users\S&J\AppData\Local\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\n. -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\U\00000004.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{289e3c44-f12b-e917-8bc1-cf6aa136111a}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
(end)
Any help would be appreciated.