Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: watchet10109 on August 31, 2009, 10:17:12 PM

Title: RE: fryed computer/ attn: DavidV
Post by: watchet10109 on August 31, 2009, 10:17:12 PM
Hi fella, panic over. I went to a site called "just answer" and was connected to a guy called Christopher Bessler. On his advice I downloaded a program called "malwarebytes" on a friend's computer, popped it onto a USB memory stick. I started my laptop in safe mode and ran the program (I have placed a copy of the log below). It found 5 viruses, I also managed to delete Avast. This seems to have solved the problem.

When I went onto the internet to download "Avast", it was the first time with this new HD and OS. I went straight to the Avast homepage and downloaded the home edition. There was very little chance for me to pick up these viruses anywhere else. I'm not pointing a finger, just thought that you should know. Here are the logs:

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 2 (Safe Mode)

9/1/2009 7:29:28 PM
mbam-log-2009-09-01 (19-29-28).txt

Scan type: Quick Scan
Objects scanned: 90912
Time elapsed: 8 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vistadrive (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\VistaDrive\VistaDrive.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
Title: Re: RE: fryed computer/ attn: DavidV
Post by: Mr.Agent on August 31, 2009, 10:42:08 PM
I found this about your VistaDrive.exe http://www.file.net/process/vistadrive.exe.html
http://spywarefiles.prevx.com/RRGDDE28573069/VISTADRIVE.EXE.html
http://www.superantispyware.com/malwarefiles/VISTADRIVE.EXE.html

I hope I did help you and didn't make a mistake this time. ;) Also, I hope I didn't scare you... My point is to give you much information about it, so happy reading.

If someone says that I did make a mistake, reply to me and I will be happy to talk with you.

Mr.Agent
Title: Re: RE: fryed computer/ attn: Davidr
Post by: watchet10109 on August 31, 2009, 11:07:57 PM
Thanks for the heads up Mr Agent. I will check this out straight away. ;)
Title: Re: RE: fryed computer/ attn: DavidV
Post by: Mr.Agent on August 31, 2009, 11:09:03 PM
You're welcome, mate. I hope I did respond to your post. ;)

Mr.Agent
Title: Re: RE: fryed computer/ attn: DavidV
Post by: YoKenny on August 31, 2009, 11:13:06 PM
WinXP SP3 has been available for over a year so you should go to Tools then Windows Update in Internet Explorer and install all updates as it provides performance enhancements and several Critical updates.

Go to Control panel then Automatic updates then enable at least Notify me but do not download updates.

Run Secunia Online Software Inspector to see what applications are vulnerable:
http://secunia.com/vulnerability_scanning/online
Title: Re: RE: fryed computer/ attn: DavidV
Post by: Mr.Agent on August 31, 2009, 11:17:49 PM
Oh yeah, I did miss that also, thanks YoKenny. I was also wondering, with those numbers from Malwarebytes, what kind of OS you were running. But well, YoKenny did understand the OS language of Malwarebytes lol. ;)

Mr.Agent
Title: Re: RE: fryed computer/ attn: DavidV
Post by: mkis on September 01, 2009, 12:59:00 AM
When I went onto the internet to download "Avast", it was the first time with this new HD and OS. I went straight to the Avast homepage and downloaded the home edition. There was very little chance for me to pick up these viruses anywhere else.

You didn't pick the viruses up on avast homepage. So be careful wherever else you go or you may get infected again.