Author Topic: Already posted this in spanish section - perhaps someone could help a beginner!?


REDACTED

  • Guest
Cool beans... it is 00:40 hrs here, so I suppose the guys have got to get some rest at some point!  ;)

I did mention it before, but I'd really like to say thanks to you guys (especially Essexboy). Is there a tip pot or something??

Do you work for Avast directly?? Or are you like the vigilante superheroes of the internet? SUPERMAN!!
One last question... How come Avast hasn't picked up the trojan/malware that was picked up on the other scan??
« Last Edit: December 04, 2014, 01:44:44 AM by peri.ramadan »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Just finished work, so updating to SP1 now... As for this: Win32:Evo-gen [Susp] is marked as suspicious by aswMBR and as such may not actually be infected; it can be removed quite easily if you wish.


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
OK, download the following zip file:
https://dl.dropboxusercontent.com/u/73555776/prevhost.zip

Extract the file to your C: drive... so it looks like this: C:\prevhost.exe

We will then use FRST to put it in the right location.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:

Quote
Replace: C:\prevhost.exe C:\Windows\SysWOW64\prevhost.exe
Replace: C:\prevhost.exe C:\Windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.17562_none_450cbede5f4b17f1\prevhost.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe.

Run FRST and press Fix.
On completion a log will be generated; please post that.
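An added verification step (editor's example, not part of essexboy's fix or FRST itself) for checking the outcome of the two Replace: lines above: it confirms that the SysWOW64 copy of prevhost.exe carries a valid Microsoft Authenticode signature and that its SHA-256 matches the WinSxS component-store copy. The WinSxS path is the one quoted in the fixlist and is specific to that machine's Windows 7 SP1 build; it assumes PowerShell 4 or later (for Get-FileHash) run from an elevated prompt.

```powershell
# Editor's example, not from the thread: verify the result of the FRST "Replace:" lines.
# Paths are the ones quoted in the fixlist (specific to that machine's Windows 7 SP1 build).
$systemCopy = 'C:\Windows\SysWOW64\prevhost.exe'
$storeCopy  = 'C:\Windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.17562_none_450cbede5f4b17f1\prevhost.exe'

function Test-ReplacedSystemFile {
    param(
        [Parameter(Mandatory)] [string]$Path,       # file the fix replaced
        [Parameter(Mandatory)] [string]$Reference   # known-good copy to compare against
    )

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Status = 'MISSING' }
    }

    # 1. Authenticode: a genuine prevhost.exe is signed by Microsoft and the chain validates.
    #    Caveat: on Windows 7 many system binaries are catalog-signed only, so 'NotSigned'
    #    here is not proof of tampering; the hash comparison below is then the deciding check.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    $signedByMicrosoft = ($sig.Status -eq 'Valid') -and ($sig.SignerCertificate.Subject -like 'CN=Microsoft*')

    # 2. Content: SHA-256 of the replaced file vs. the component-store copy, if that copy exists.
    $matchesStore = $null
    if (Test-Path -LiteralPath $Reference) {
        $hashPath  = (Get-FileHash -LiteralPath $Path      -Algorithm SHA256).Hash
        $hashStore = (Get-FileHash -LiteralPath $Reference -Algorithm SHA256).Hash
        $matchesStore = ($hashPath -eq $hashStore)
    }

    # OK when the file matches WinSxS, or is Microsoft-signed and not contradicted by WinSxS.
    $status = if (($matchesStore -eq $true) -or ($signedByMicrosoft -and ($matchesStore -ne $false))) { 'OK' } else { 'CHECK' }

    [pscustomobject]@{
        Path              = $Path
        SignatureStatus   = $sig.Status
        SignerSubject     = $sig.SignerCertificate.Subject
        SignedByMicrosoft = $signedByMicrosoft
        MatchesWinSxS     = $matchesStore   # $null means the WinSxS copy was not found
        Status            = $status
    }
}

Test-ReplacedSystemFile -Path $systemCopy -Reference $storeCopy | Format-List
```

A result of CHECK is a prompt to compare against a known-good copy from installation media, not a verdict that the file is malicious.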

REDACTED

  • Guest
Thank you so much dude...  :-*

I am reading through very carefully... before I do anything... any problems, I will be straight back to you...

Not too sure how I'm going to get it in the right place once I've downloaded and extracted (I can do that bit  ;D)

Thanks again... will get on to this now

xx

PERI

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
The fixlist shall replace it for you (the one Essexboy has provided).
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

REDACTED

  • Guest
Well, here it is!!... My computer did some "configurando y limpiando" (configuring and cleaning) during the restart, which looked promising!

Fixlog below, fingers crossed all went well...

Michael or Alan1998 - I couldn't agree more!... Essexboy is the best!

With regards to the other little suspicious file... I rescanned with all the programs you recommended and it didn't pop back up... then I searched for the file location and it was no longer there... I presume I've zapped it and it hasn't moved somewhere else (I think I'm starting to give these viruses a little too much credit - like free thought!)

That's why I asked why Avast hadn't picked it up, as I regularly complete full system scans... bit worrying!

Thank you so much Essexboy, I feel as though we could possibly be at the last hurdle... It's been emotional  :'(

REDACTED

  • Guest
Lol forgot to attach!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Quote
That's why I asked why Avast hadn't picked it up, as I regularly complete full system scans... bit worrying!
What file was that?

No security program has 100% detection; if they did, there would not be a virus problem.
Avast PUP detection is OFF by default except in the boot scan... so if that is what you want, you have to turn it on in all shields/scan types where you want it.


REDACTED

  • Guest

Quote
What file was that?

04:35:14.682    File: C:\Users\Peri\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc  **INFECTED** Win32:Evo-gen [Susp]

This one... I hope it's gone... it makes you feel a bit sick thinking it's still lurking unnoticed!

I will double-check my settings, Pondus, thanks!... Didn't mean to sound like I was dissing Avast  :-[

Can anyone see what caused my corruptness?
« Last Edit: December 04, 2014, 06:20:56 PM by peri.ramadan »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Quote
  04:35:14.682    File: C:\Users\Peri\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc  **INFECTED** Win32:Evo-gen [Susp] 
As said before, detected as suspicious. Win32:Evo-gen [Susp] is an on-access detection only and will not come up in any scan.

You may upload and test the file at www.virustotal.com; if tested before, click rescan.
Post the link to the scan result here.


REDACTED

  • Guest
Quote
  04:35:14.682    File: C:\Users\Peri\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc  **INFECTED** Win32:Evo-gen [Susp]

You may upload and test the file at www.virustotal.com; if tested before, click rescan.
Post the link to the scan result here.

Er... just bookmarked that little gem... thank you Pondus, just scanned the beaut, must have been a false positive or it's been gone!

Really enjoying this  :) Is there any further reading I can do about all this stuff... or is it the kind of thing you need to go back to college for??

Read jim65's thread about the security issues around uploading logs... I asked a similar question recently in the general section... feel a bit silly now  :-[ but good to see I'm not the only novice making these mistakes.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
OK, that worked for the main part; for some reason it was unable to copy to the backup location, probably a permissions thing :)

Are you experiencing any problems now?

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Sorry, have to here.

Your signature :-) I like it. Although it is a fixlist, not a fixlog!!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Quote
Really enjoying this  :) Is there any further reading I can do about all this stuff... or is it the kind of thing you need to go back to college for??
Here is an alternative: www.metascan-online.com

Is it virus/security info you want?... There is plenty of info online if you Google.

But here is some:
https://www.virusbtn.com/resources/glossary/index
https://securelist.com/
http://www.microsoft.com/security/portal/mmpc/default.aspx

avast blog  https://blog.avast.com/
sucuri blog  http://blog.sucuri.net/
http://www.digitalthreat.net/2011/08/15-of-the-best-internet-security-blogs/#
http://googleonlinesecurity.blogspot.no/


REDACTED

  • Guest
Pondus.. Many thanks for the extra reading... Gonna have a read through!

Michael/Alan... Signature has been edited... Got to love a bit of the old Swedish House Mafia... and obv Essexboy deserves a big shout! *What are you sorry to hear??

Essexboy - I'm just running a quick scan on Avast to make sure they are no longer being missed out.

Computer seems to be running a lot smoother - CPU seems to have settled down. Just gonna have a read and make sure everything is in order on the startup, as the startup is still taking a while...

I defragged my hard drive last night and completed a C drive disk clean-up, which saved me a gig or two.

I think that might just be it... Pondus, if nothing is 100% (totally understandable), would you and Essexboy recommend running the three programs (FRST, aswMBR and AdwCleaner) every few weeks or so??

Finally, I've run CCleaner to get rid of the temp internet files etc. Can I delete the logs, addition*txt, the programs and the zip folder for prevhost now??? Don't want to undo all EB's hard work.

xxxx

PEri
« Last Edit: December 04, 2014, 07:55:36 PM by peri.ramadan »