Author Topic: JS:Includer-FR [Trj] ...constant (several per second) detections  (Read 17799 times)

0 Members and 1 Guest are viewing this topic.

deemo119

  • Guest
Hi, avast is detecting "JS:Includer-FR [Trj]" at the rate of 1 to 4 PER SECOND.  There were 18 detections in the time I typed that first sentence.  Now 39... please help!

It started yesterday morning after a scheduled nighttime scan, so I ran a full boot-time scan yesterday (literally over 20 hours long, thanks to a couple huge hard drives), and it found 6 of those same Trojans, plus one "Java:CVE-2013-0422-Y[Expl]" and one "Java:Malware-gen
", all of which were deleted.

Avast:
Program version:  8.0.1483
Virus def version:  130415-0
Number of def's:  4,346,135

running Windows 7 home premium

Please help it's found over 200 since I've been writing!  Thank you!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #1 on: April 15, 2013, 04:21:51 PM »
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #2 on: April 15, 2013, 04:28:33 PM »
I have to download 5 different things in order to attach my logs??  Sorry, I've never been through this before...

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #3 on: April 15, 2013, 04:31:11 PM »
And also... according to the instructions I'll have to run a couple more scans for these other programs... the last one took over 24 hours... is there anyway of attaching logs for THAT scan before I go through 2 more days of scanning?  Thanks

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #4 on: April 15, 2013, 04:31:47 PM »
I have to download 5 different things in order to attach my logs??

Only 4 "things"... ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #5 on: April 15, 2013, 04:33:25 PM »
And also... according to the instructions I'll have to run a couple more scans for these other programs... the last one took over 24 hours... is there anyway of attaching logs for THAT scan before I go through 2 more days of scanning?  Thanks

Please reread Reply #1.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #6 on: April 15, 2013, 04:34:33 PM »
And also... according to the instructions I'll have to run a couple more scans for these other programs... the last one took over 24 hours... is there anyway of attaching logs for THAT scan before I go through 2 more days of scanning?  Thanks
these scans will not take 24 hours if you follow the instructions....
like Malwarebytes quick scan ....    ;)


deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #7 on: April 15, 2013, 04:46:15 PM »
Here's the first one:


# AdwCleaner v2.200 - Logfile created 04/15/2013 at 10:39:28
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Michael - DEMARIAPHOTO-PC
# Boot Mode : Normal
# Running from : C:\Users\Michael\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MiniEvony
Folder Deleted : C:\Users\Michael\AppData\Local\Conduit
Folder Deleted : C:\Users\Michael\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Michael\AppData\LocalLow\MiniEvony

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\MiniEvony
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9B9F072-8425-4897-B5E5-4438ECE6587D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2697877
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B9B9F072-8425-4897-B5E5-4438ECE6587D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\MiniEvony
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B9B9F072-8425-4897-B5E5-4438ECE6587D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97359E82-3808-47F6-8790-0771AEDBC8FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5E07FD1-38EB-48F3-B2D1-906C9BB19453}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MiniEvony Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{1AEC5771-FCD6-4537-A6B7-5F1935FD527C}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4885 octets] - [15/04/2013 10:39:28]

########## EOF - C:\AdwCleaner[S1].txt - [4945 octets] ##########

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #8 on: April 15, 2013, 04:55:40 PM »
Please attach your logs. Thanks.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #9 on: April 15, 2013, 05:00:40 PM »
You mean you don't want me to paste them in replies like I just did?  How do I attach them?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #10 on: April 15, 2013, 05:07:04 PM »
You mean you don't want me to paste them in replies like I just did?  How do I attach them?

If you reply here you'll find the option below the text box -> "Attachments and other options"
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #11 on: April 15, 2013, 06:12:58 PM »
Ok here are 4 of the 5 logs you asked for... thank you very much!

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #12 on: April 15, 2013, 06:16:29 PM »
I cannot attach the 5th log (MBR.dat), it says it's an invalid file type to attach.  And I can't open it from my desktop to save it as another file type.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #13 on: April 15, 2013, 06:19:07 PM »
Quote
I cannot attach the 5th log (MBR.dat)
not a log....we want aswmbr.txt

deemo119

  • Guest
Re: JS:Includer-FR [Trj] ...constant (several per second) detections
« Reply #14 on: April 15, 2013, 06:26:03 PM »
Sorry, found it... here's the 5th log.  Thanks.