Author Topic: random Win32 malware-gen every start up  (Read 1808 times)

elragal_30

  • Guest
random Win32 malware-gen every start up
« on: February 20, 2011, 04:45:53 AM »
Hello,
for the past 3-5 days,
every time I run my laptop I get Avast 4 warning about files in this path:

C:\users\[user-name]\App Data\Local\Temp

sometimes in this path too:

C:\windows\System32\config\systemProfile\AppData\Local\temp

and I also get a crash message window saying Anti vir has stopped working, with just Close

The file names change every time and seem to be random names
like
Code: [Select]
e8afdcf7.dll
1fykzkw4.dll
and others like those, and the process is always:

Code: [Select]
C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe

I made a full scan with Avast Internet Security and a Boot Scan > it just detected the 4 files and nothing else

and with ComboFix (report in attachments)


and with Mbam, and these are the reports from Mbam:
Code: [Select]
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5814

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20/02/2011 02:56:37 ص
mbam-log-2011-02-20 (02-56-37).txt

Scan type: Quick scan
Objects scanned: 174193
Time elapsed: 7 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\k-t\AppData\Roaming\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\k-t\AppData\Local\Temp\IELOGIN.abc (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\k-t\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\k-t\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\k-t\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\k-t\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.

Code: [Select]
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5814

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20/02/2011 04:08:07 ص
mbam-log-2011-02-20 (04-08-07).txt

Scan type: Full scan (C:\|)
Objects scanned: 342713
Time elapsed: 1 hour(s), 4 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\k-t\Desktop\privashare 1.3\privashare.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\program files\internet download manager\Patch.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\program files\Sheet\Controol\help\prepcontrolsheet.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
« Last Edit: February 20, 2011, 05:54:46 AM by elragal_30 »