Author Topic: avast isn't detecting troublesome trojans/viruses  (Read 7742 times)

0 Members and 1 Guest are viewing this topic.

all5inhim

  • Guest
avast isn't detecting troublesome trojans/viruses
« on: August 10, 2009, 07:06:52 PM »
I ran a  "hyjackthis" log. I see a few entries that look like bad files, but I'm not sure and don't want to do the wrong thing. Where do I post the log so someone who understands what it's saying can read it? Then, what do I do from there?


Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 88749
  • No support PMs thanks
Re: avast isn't detecting troublesome trojans/viruses
« Reply #1 on: August 10, 2009, 07:12:10 PM »
What makes you believe you have a trojan/virus ?
What do you mean by troublesome ?

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

all5inhim

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #2 on: August 10, 2009, 07:27:50 PM »
Well, I know something's wrong when I constantly get popups from "Green AV",fake Windows firewall warnings, Etc. One of the Green AV boxes can't be removed as I refuse to click on the "Remind me later" button. I also get an "Updates are ready for your computer. Click here to install updates" box.
I was able to remove irritating trojans and worms by running Windows Live OneCare in safemode before my husband decided to try Avast.

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 88749
  • No support PMs thanks
Re: avast isn't detecting troublesome trojans/viruses
« Reply #3 on: August 10, 2009, 08:16:10 PM »
Whilst avast does detect these fake security applications, they are constantly creating new variants, I would suggest MBAM item 1. as the tool of choice on fake security applications.

The actual file isn't a virus as such as all it is doing throwing up fake alerts, in what is a social engineering ploy as the fear factor cuts in and people click the various links, then there is the possibility of a real infection.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

CharleyO

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #4 on: August 11, 2009, 02:50:58 AM »
***

Welcome to the forums, all5inhim.   :)

If you will post your HJT log in this thread, I will analyze it for you. It will be tomorrow before I can do it.

Run the program but do not make any fixes and then post the log results using the "copy & paste" method. It will probably take more than one post to be able to get the complete log posted.

OR, you can post it as an attachment to your post by clicking on "Additional Options..." below left of the posting box. 

When you post the log, be sure to include the complete log ... header and ending.


***

all5inhim

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #5 on: August 11, 2009, 05:24:15 AM »
I've downloaded and scanned with mbam and Superantispyware. I quarantined all infected files, but the adware or whatever this is keeps popping up. I do appreciate any help you can give.

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: avast isn't detecting troublesome trojans/viruses
« Reply #6 on: August 11, 2009, 12:09:20 PM »
So, here are my findings.

(1) Questionable entries
   - C:\Documents and Settings\All Users\Application Data\gav\gav.exe
        From what I know, this is part of a hoax antivirus called Green Antivirus 2009. If possible, send gav.exe to VirusTotal
        PrevX Report

   - O4 - HKLM\..\Run: [21098746521098765] C:\Documents and Settings\All Users\Application Data\gav\gav.exe
         Possible part of Green Antivirus 2009.

   - O4 - HKLM\..\Run: [23094848483939484] C:\Documents and Settings\All Users\Application Data\gav\mgrdll.exe
        Possible part of Green Antivirus 2009.

   - O20 - AppInit_DLLs: C:\WINDOWS\system32\fapawozi.dll
         Please submit fapawozi.dll to VirusTotal & tell us about the result of analysis.
        PC1News Report

   - O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Poker%20Superstars%203/Images/stg_drm.ocx
         This could be a possible malware dropper.
         PrevX Report

(2) Fix these entries by ticking a check
   - O1 - Hosts: ??????????????? antivguardian.com
   - O1 - Hosts: ??????????????? wXw.antivguardian.com
   - O1 - Hosts: 208.43.47.212 a1.review.zdnet.com
   - O1 - Hosts: 208.43.47.212 a1.review.zdnet.com
   - O1 - Hosts: 208.43.47.212 d1.reviews.cnet.com
   - O1 - Hosts: 208.43.47.212 review.2009softwarereviews.com
   - O1 - Hosts: 208.43.47.212 reviews.download.com
   - O1 - Hosts: 208.43.47.212 reviews.pcmag.com
   - O1 - Hosts: 208.43.47.212 reviews.techradar.com
   - O1 - Hosts: 208.43.47.212 toptenreviews.com
   - O1 - Hosts: 208.43.47.212 wXw.reevoo.com

(3) Unnecessarily deactivated that can be fixed
   - O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll (file missing)
   - O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll (file missing)
   - O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL (file missing)
« Last Edit: August 11, 2009, 12:17:56 PM by .: L' arc :. »
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

YoKenny

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #7 on: August 11, 2009, 02:10:02 PM »
In addition to what L' arc said go to Add remove progams and un-install Adobe reader and all Java installs as they are vulnerable to attacks.

Latest Version 6 Update 15:
http://www.java.com/en/download/manual.jsp

Download and install:
User Profile Hive Cleanup Service:
Brief Description
A service to help with slow log off and unreconciled profile problems.
http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en

Adobe Reader 9.1:
http://get.adobe.com/reader <== un-select Google Toolbar if you do not want it

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online

CharleyO

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #8 on: August 11, 2009, 07:11:03 PM »
***

Looks like L'arc & Yokenny got it it before I could. Follow their advice, please.


***

Sammo

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #9 on: August 11, 2009, 07:54:17 PM »
You might want to also try IObit Security 360 - http://www.iobit.com/beta.html

all5inhim

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #10 on: August 12, 2009, 07:29:19 PM »
Thanks L'arc and YoKenny. Worked like a charm. You guys ROCK!!!!!!!!!

YoKenny

  • Guest
Re: avast isn't detecting troublesome trojans/viruses
« Reply #11 on: August 12, 2009, 08:41:21 PM »
Quote
You guys ROCK!!!!!!!!!

Its avast! that enables us to ROCK!!!!!!!