« previous next »
Pages: [1]   Go Down

Author Topic: warning that a threat has been detected: http://includeit.info/include.js?id  (Read 5594 times)

0 Members and 1 Guest are viewing this topic.

cecilia12

  • Guest
warning that a threat has been detected: http://includeit.info/include.js?id
« on: July 16, 2012, 01:55:59 PM »
I see that I'm not the only one that has this problem! This Avast warning pops up saying that  pops up every couple of minutes saying that avirus has shown up: http://includeit.info/include.js?id=js25
Infection: URL: Mal
Process: C:\Programmi\Internet Explorer\explore.exe
When I'm in Chrome or Mozilla, the process is Chrome or Mozilla instead of Explorer. It's very annoying, and although Malwarebytes Anti-Malware detected and quarantined about 7 problems (logs below), now both Avast's complete scan and the fuller Malwarebyte now show up nothing, although the Avast scan result does say that some files can’t be scanned:
Name of the file: C:\ADSM_PData_0150
State: Error: Handle non valido (6)

I really hope you  can help me solve this. Thanks a lot. Cecilia
Three Malware scan logs:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.11.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
utente :: NOME-E8FDFCF491 [administrator]

11/07/2012 15.27.16
mbam-log-2012-07-11 (15-27-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217794
Time elapsed: 5 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Documents and Settings\utente\Impostazioni locali\Temp\WQ6M0uj4.exe.part (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\utente\Impostazioni locali\Temp\is1373634743\IWantThis_ROW.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Documents and Settings\utente\Impostazioni locali\Temp\20924421.Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\utente\Impostazioni locali\Temp\22475062.Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.11.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
utente :: NOME-E8FDFCF491 [administrator]

11/07/2012 18.14.55
mbam-log-2012-07-11 (18-14-55).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 319791
Time elapsed: 52 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Documents and Settings\utente\Documenti\SoftonicDownloader_per_celtx.exe (PUP.ToolbarDownloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\utente\Documenti\The Characteristics of Spoken English\student research 1\project material\SoftonicDownloader_per_open-freely.exe (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D8845749-EE44-4FD0-8B03-36D67A1C856A}\RP332\A1000404.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.11.05

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 8.0.6001.18702
utente :: NOME-E8FDFCF491 [administrator]

16/07/2012 12.46.11
mbam-log-2012-07-16 (12-46-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 319279
Time elapsed: 52 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Logged

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Re: warning that a threat has been detected: http://includeit.info/include.js?id
« Reply #1 on: July 16, 2012, 03:42:31 PM »
Hi cecilia12,

First, please change the links to includeit.info from http:// to hXtp:// to avoid accidental clicks.

Then, follow the instructions here: http://forum.avast.com/index.php?topic=53253.0
And attach both OTL and aswMBR logs in your next post.
Logged
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

cecilia12

  • Guest
Re: warning that a threat has been detected: hxtp://includeit.info/include.js?id
« Reply #2 on: July 25, 2012, 03:30:47 PM »
Dear Avast team.
Thank you very much for your reply, which I have copied and pasted in to my file about the problem. I haven't followed your instructions as the problem seems to have resolved itself - no more warning pop ups, and no viruses detected if I run any scans with either Avast (free version) or Anti-Malware, except for the following notice after a complete Avast scan:
Results: some files can’t be scanned
Name of the file: C:\ADSM_PData_0150
State: Error: Handle non valido (6)

The only thing I can think of that I did was I ran CCleaner. Could this mean that the virus was in a temporary file that was then deleted? Or could there still be one somewhere?
Cecilia12
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37583
  • Not a avast user
Re: warning that a threat has been detected: http://includeit.info/include.js?id
« Reply #3 on: July 25, 2012, 03:40:43 PM »
Quote
The only thing I can think of that I did was I ran CCleaner. Could this mean that the virus was in a temporary file that was then deleted? Or could there still be one somewhere?
with no logs to look at....all answers are guesswork.  ;).....and yours as good as any
Logged
Pages: [1]   Go Up
« previous next »