Author Topic: I have a virus that Avast couldn't detect - Help (Read 5519 times)

REDACTED · « **Reply #15 on:** February 08, 2018, 06:12:23 PM »

Scan this file "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" or run it?

When I scanned it with avast it said great no issues found, could you please explain more?

Pondus · « **Reply #16 on:** February 08, 2018, 06:19:13 PM »

Scan with virustotal.com

REDACTED · « **Reply #17 on:** February 08, 2018, 06:38:17 PM »

This is the result: https://www.virustotal.com/#/file/070b158ca4cd5ffb9a3e4b522cadac3759791baef6fcc206cf1dbdbafdead17d/detection

Anything else I shall do?

Pondus · « **Reply #18 on:** February 08, 2018, 06:44:53 PM »

Quote

Anything else I shall do?

Malware expert will check your logs when online, this may take hours

REDACTED · « **Reply #19 on:** February 08, 2018, 06:46:52 PM »

Thanks for your help, much appreciated!

Michael (alan1998) · « **Reply #20 on:** February 08, 2018, 08:25:20 PM »

Startup: C:\users\MWVTest\Appdata\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Discussion of Requirement() [80-10-8102] sbv.txt

It does indeed look to try and steal passwords, but I have no idea where it's writing too...

REDACTED · « **Reply #21 on:** February 08, 2018, 08:40:44 PM »

Hi Michael,

Thank you for following up, there is no such MWVTest folder

Are you sure of the path?

Michael (alan1998) · « **Reply #22 on:** February 08, 2018, 08:41:24 PM »

That was from my FRST Log file, not yours

REDACTED · « **Reply #23 on:** February 08, 2018, 08:47:45 PM »

Ah I see I was confused I don't have a MWVTest user on my computer ok I got it now.

Well the only thing I did with the file is that I right clicked and opened it with notepad++ then I knew it was a virus closed it and deleted everything, actually I was going to bed when it happened to me so I turned pc & internet off and unplugged everything.

Hopefully I am safe.

Michael (alan1998) · « **Reply #24 on:** February 08, 2018, 09:06:46 PM »

NP++, god I love that program.

REDACTED · « **Reply #25 on:** February 08, 2018, 09:23:37 PM »

LOL, I only use it when I want to edit code quickly, and it's free!

I hope nothing is serious

Thanks

Sass Drake · « **Reply #26 on:** February 08, 2018, 11:17:15 PM »

Open Notepad (click Start button -> type notepad.exe -> press Enter)
Copy text from code block below and paste it into Notepad

Code: [Select]

IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdapp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\skyfonts.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\wampmanager.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"

Go to File -> Save As
Make sure that UTF-8 is selected as Encoding (left side of Save button)
Save it as fixlist.txt on Desktop
Open again FRST and click on button Fix
Wait until FRST finishes
fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.

REDACTED · « **Reply #27 on:** February 08, 2018, 11:25:12 PM »

Please find fixlog attached.

Thanks

Sass Drake · « **Reply #28 on:** February 08, 2018, 11:54:53 PM »

What is systems tatus now? Where is that not detected file located?

REDACTED · « **Reply #29 on:** February 08, 2018, 11:57:53 PM »

Thanks for the prompt reply

I really don't understand what you mean, what do you mean by systems tatus? Could you please explain more?

Thanks

Author Topic: I have a virus that Avast couldn't detect - Help (Read 5519 times)

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Pondus

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Pondus

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Michael (alan1998)

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Michael (alan1998)

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Michael (alan1998)

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Sass Drake

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help

Sass Drake

Re: I have a virus that Avast couldn't detect - Help

REDACTED

Re: I have a virus that Avast couldn't detect - Help