Author Topic: WTF is this virus  (Read 8477 times)


XxCompg33kxX

  • Guest
WTF is this virus
« on: July 29, 2009, 12:15:29 PM »
C:/ and ..../.../clientreport[1].html

and avast said A TROJAN HORSE WAS FOUND

cinchez

  • Guest
Re: WTF is this virus
« Reply #1 on: July 29, 2009, 12:41:31 PM »
Would u pls send it to www.virustotal.com for further analysis^^

Then post back the results here^^

Thanks^^

-AnimeLover^^

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89127
  • No support PMs thanks
Re: WTF is this virus
« Reply #2 on: July 29, 2009, 04:03:28 PM »
Presumably this is in your temporary internet files ?

You don't say what the malware name was either; there will have been a little more than a trojan. So without more information there is no way to say what it is.
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe
 
- Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log and copy and paste the entry.

If from the Temporary internet files I wouldn't spend much time investigating at all, just clear the temporary internet files (using your browser)
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

XxCompg33kxX

  • Guest
Re: WTF is this virus
« Reply #3 on: July 30, 2009, 12:55:18 PM »
It comes up every time I start, and how do you clean it out in FF 3.5?

XxCompg33kxX

  • Guest
Re: WTF is this virus
« Reply #4 on: July 30, 2009, 01:10:31 PM »
Here's a pic of the log viewer

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: WTF is this virus
« Reply #5 on: July 30, 2009, 01:42:04 PM »
XxCompg33kxX, we can't read where the file is as the column width is too narrow. Can you expand it?
Or you can open, copy and paste, from here C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log
The best things in life are free.

XxCompg33kxX

  • Guest
Re: WTF is this virus
« Reply #6 on: July 30, 2009, 03:00:36 PM »
Here u are tech


Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: WTF is this virus
« Reply #7 on: July 30, 2009, 03:02:59 PM »
If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:

1. Clean your temporary files. You can use CleanUp or CCleaner for that.

2. Schedule a boot-time scan with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Another option is scanning in SafeMode (repeatedly press F8 while booting).
If avast does not detect it, you can try DrWeb CureIT! instead.

3. It will be good if you download, install, update and run MBAM (or SUPERantispyware or even SpywareTerminator).
If any infection is detected, it is better and safer to send the file to Quarantine than to simply delete it.
About legit antispyware applications or the bad ones see here.

4. If you are still detecting any strange behavior, or even if you're sure you're not clean, maybe it will be good to test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster for XP/Vista. For XP only: Panda.

5. Also, if you are still detecting strange behaviors or you want to be sure you're clean, maybe make a HijackThis log to post here or to this analysis site. Or even submit the RunScanner log to on-line analysis.

6. Browser hijacking and problems with antivirus update could be managed in some scenarios by cleaning the hosts file (at C:\windows\system32\drivers\etc folder). The file does not have an extension, it's simply hosts.
The default file consists of a number of example lines preceded with #. The only required line is
127.0.0.1       localhost
You can get a good replacement with HostsMan, which keeps it clean (avoids infections) and updated: http://www.abelhadigital.com

7. After you're clean, disable System Restore on Windows ME, XP or Vista. System Restore is not available in Windows 9x and 2k. After disabling you can enable it again.

8. Use the immunization of SpywareBlaster.

9. Finally, when you're clean, check for insecure applications with Secunia Software Inspector to update insecure applications and avoid reinfection.
The best things in life are free.
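
Step 6 of the procedure above, as an added example that is not part of the original post or of any tool named in it: a small Python audit of a hosts file that lists every entry other than the `localhost` line the post calls the only required one. The sample file contents, the `.example` hostnames and the function name `audit_hosts` are constructed for illustration.

```python
import ipaddress

EXPECTED = {"localhost"}  # assumption: the only name a clean file must map

# Constructed sample of a tampered hosts file (not taken from the thread).
SAMPLE = """\
# example comment line
127.0.0.1       localhost
127.0.0.1       update.av-vendor.example
0.0.0.0         www.av-vendor.example
203.0.113.5     www.bank.example login.bank.example
not-an-ip       something.example
"""

def audit_hosts(text):
    """Return (line_no, address, hostname, verdict) for each non-default entry."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # comments start with '#'
        if not entry:
            continue
        address, *names = entry.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            ip = None
        if ip is None or not names:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        for name in names:
            if name.lower() in EXPECTED and ip.is_loopback:
                continue                           # the one required line
            # Loopback/0.0.0.0 makes the name unreachable (e.g. AV updates);
            # any other address sends the browser to a different server.
            blocked = ip.is_loopback or ip.is_unspecified
            findings.append((line_no, address, name,
                             "blocked" if blocked else "redirected"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s -> %s (%s)" % finding)
```

To check a real machine, pass the text of the hosts file from the C:\windows\system32\drivers\etc folder to `audit_hosts`; an empty result means only comments and the localhost line are present.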

XxCompg33kxX

  • Guest
Re: WTF is this virus
« Reply #8 on: July 30, 2009, 03:07:08 PM »
Thank you Tech, I will try this. What about if the virus persists when I have followed these steps?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: WTF is this virus
« Reply #9 on: July 30, 2009, 03:08:56 PM »
You're welcome. Maybe step 1 is a good one to delete your temporary (infected) files.
The best things in life are free.

XxCompg33kxX

  • Guest
Re: WTF is this virus
« Reply #10 on: July 30, 2009, 03:25:39 PM »
Tech ... I will tell my friends about you and also Tell Peeps on my forum

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: WTF is this virus
« Reply #11 on: July 30, 2009, 03:28:32 PM »
If you want to help me, don't thank me, just sign up & use (sign up only is not enough) Mozy to get 2,200 Mb for free remote backup system. Enjoy its safety!
The best things in life are free.