Help with AntiVirus System Pro

[Pondus]

Try these

Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en
Dr.WebCureit http://www.freedrweb.com/cureit/

[magic887]

For some reason Norman Malware Cleaner picked up nothing
MalwareBytes picked up nothing
SUPER antispyware picked nothing

but avast finds Win32: Trojan-gen
Hitman Pro finds a bunch of malware

who do I believe? and how do I complete get rid of it

[micky77]

Is it possible to post some logs.  Whats the name and location of files found by Avast. Does HMP produce a log ?

[Pondus]

i think we need essexboy to look at this, he is probably watching and will respond soon

[magic887]

Is it possible to post some logs.  Whats the name and location of files found by Avast. Does HMP produce a log ?

the files were from C:\Windows\system32\(randomletters).exe/mph/dll

the one by hitmanpro were all the same  C:\windows\system32\(randomleters).exe/mph/dll

I'm doing a full computer rescan with avast! right now
and scanning system 32 with malwarebytes and avast

Ok, the scan on system32 by Malwarebytes and avast! are finished, malwarebytes detects nothing, avast quick scan just closed without the results   Did it twice and cant find it on log.

HitmanPro still finds malware and DP.sys

[Pondus]

have done some googling,
The online engines used in Hitman pro V3 is avira/emsisoft/eset/G-data/prevx
G-data is using Avast and bitdefender engine
So i guess that is why Hitman and Avast is detecting the same, maybe a false positive

can you upload the file to virustotal http://www.virustotal.com/ and post the result link

[magic887]

have done some googling,
The online engines used in Hitman pro V3 is avira/emsisoft/eset/G-data/prevx
G-data is using Avast and bitdefender engine
So i guess that is why Hitman and Avast is detecting the same, maybe a false positive

can you upload the file to virustotal http://www.virustotal.com/ and post the result link

http://www.virustotal.com/analisis/af6425f0434682366d20ff84b008aced99d7895bfec747501011ad0721e3e01a-1258674079

http://www.virustotal.com/analisis/af6425f0434682366d20ff84b008aced99d7895bfec747501011ad0721e3e01a-1258674079

http://www.virustotal.com/analisis/af6425f0434682366d20ff84b008aced99d7895bfec747501011ad0721e3e01a-1258674079

and a bunch of others with same results

Avast! is also picking up Win32: Klone-BA, SearchColor-B [Adw], adware-gen, Klone-AZ  

Is it the right move to move them all to chest?

Please help! How did these new viruses get here 

[magic887]

i disabled my firewall for 1minute and still wont let me activate trial

what is the error you get?

run this tool from microsoft, which resets your hosts file and then try activating : http://go.microsoft.com/?linkid=9668866

nmb

Hi!

I finally managed to get Hitman Pro 3.5 working after the update.

A load of results were comfirmed Malware which i deleted already, but some were just suspicious files location in system 32.

C:\Windows\system32\(rAndomletters).mph

I scanned some of them already on my previous post with virustotal and I'm wondering if they are safe or should I delete them.

Also, I found this weird that I scanned with HitmanPro and I got 10 results (suspicious file), but when I scanned with Prevx (apparently included in HitmanPro), I got over 80 infected files with svchost.exe.

Any ideas?

[micky77]

Hi again, I've lost the plot a bit with this one. You have ran several programs,deleted things, yet not posted any logs.I see you have posted on several forums, so hopefully you should get some joy somewhere.
Regarding the mph files that are detected, are you running some sort of games hack From the VT results. it looks like they are FP's.
You say " Avast! is also picking up Win32: Klone-BA, SearchColor-B [Adw], adware-gen, Klone-AZ " You need to post logs that include the infected files names and locations.

You could try running DrWeb and ESET online scanner,then post the logs. If you are running some gaming hack, remove it first. Sometimes the behaviour of these programs are deemed malicious

http://www.freedrweb.com/cureit/
http://www.eset.com/onlinescan/