Scared

[Tarq57]

GAH!!!!!!!!

i had mbam start a full scan in regular mode, and avast freaked out 3 times, finding that Jifas-cj bull crap again, and at the same time Mbam listed 3 found infected objects... ..... will mbam find stuff in the virus chest , or did they both just happen to find these things at the same time

If Avast produced the warnings, it would have been Avast alerting on what MBAM was uncovering, or had in its chest.
What were the names and full file paths of the detections, please?

[addirockart]

I am waiting for the Mbam report to come to an end but they were really long, they popped up when it his the HKEYs.....  I freaked out when your green dot turned white and said offline lol...

[Tarq57]

OK, might be alright.
We'll see.
I have asked a couple of trained folk here for a look-see, also.
"H_KEY" is part of the registry. If it is pointing to a file location that is (hopefully) missing, it will be alright, and straightforward to clean up.

[addirockart]

much appreciated ... I think I found my mystery source. it has no desktop or quick launch icon, but it would appear someone in my family used limewire on my computer. I want it eradicated. I detest the idea of P2P and this is why. I knew this wasnt my fault. My Dad used to use frostwire... on his old comp. this being killed off should help I'd hope as well.


andi

[Tarq57]

Nothing wrong with Limewire, apart from the privacy risk on a poorly set-up installation. There can be plenty wrong with a lot of the files that are often shared on a p2p network. The average user probably doesn't know how to tell a good file from a malicious one, either.
Limewire itself (and Frostwire) are harmless and can be removed as a matter of routine after this particular adventure.
Waiting for the next scan report.
Following that we'll probably have Avast do another scan, since it is (apparently) detecting malicious reg entries.

[addirockart]

all this in regular operating mode is cool, right?

so, Limewire can stay, and it wont affected anything? Google says it has adware in it...

[Tarq57]

I suggest you remove your email address from the post. Leaving it there increases your chance of getting spam. Lots of unlovely spam.
For the same reason I won't post mine.
When you get to 20 posts you will be able to edit your posts, and also able to modify your forum profile, and send PM's. A pm is a good way to get in touch.
Be clear, though, I am an untrained helper. The trained helpers here include Essexboy and Oldman. But they might be enjoying Christmas Eve/Day, or be on holiday. We'll see if they turn up.

Regular operating mode is fine.

I know Google sees all; knows all, but don't believe everything you read on the internet. There's a review somewhere that says that Avast is a trojan.
A p2p is a very direct way to expose yourself to downloading malicious files. Some p2p's have been riddled with adware, Kazaa for example. Limewire itself is clean. That said, later, I'll be happy to give you info on removing it. There are a lot of insecure p2p installations around. A major privacy concern.

[addirockart]

I understand, I never had a computer of my own until 2003, and neither of my parents have had computers until recently/ no siblings... so a lot of stuff is new to me. I never thought I'd have a virus for the most part since I never got anything when the big worms hit the PCs here, and I was able to kill off the zlob trojan when it attacked my dads computer... It great to have some insight tho, since not everything always requires the professionals. I love how microsoft basically said they cant really help anyone just use the online scanner, then email them the results and they will get back to you within 48 hours.... great.. I wanted it fixed for Christmas... lol MBAM is a great program, the only thing like I had ever used would be Spybot...

[Tarq57]

Spybot I have a soft spot for, but would not suggest it as a first removal application. OK for a second opinion.

Another of the tools suggested to you on P1 of the thread was Superantispyware. That, and MBAM, are probably two of the better "state of the art" scanners these days.

Once (if) we get a clean result here, I will suggest SAS for a second opinion, following an Avast scan.

[addirockart]

do you think a quickscan will pick up anything with avast? scaning this terabyte of photos and music is taking the longest. MBAM already finished C: D: ... waiting on "L"...


see... nothing was found during any of the other scans on it, and the guy from Microsoft said the viruses usually stick to where windows in, in my case C: and its partitions... he doubted it would jump there...but idk it seems evil enough...

[Tarq57]

Since Avast warned of malicious registry entries earlier, probably when MBAM's scanner was processign them, I think it is likely an Avast scan will pick something up.
You could have it do a custom scan, just scan certain areas, say, the C drive. That should do it.
Is "L" your external hard drive?
That can be scanned later.

[addirockart]

yeah L is the external terabyte ... big

[Tarq57]

If it isn't connected, MBAM will be waiting forever to scan it. Or is it in the middle of scanning it now?

[addirockart]

its been scanning it for over an hour ... also: do you think SAS should be renamed too?

scan has hit 2 hours... should I abort?

[YoKenny]

I see that you now have more than 20 posts which will permit you to update your profile to include signature information.

Go to PROFILE then Modify Profile then Forum Profile Information then Signature: and put information about your system if you like just like my sigature as it helps with problem diagnosis.

IE8 is more secure than IE7 and has a lot better performance:
http://www.microsoft.com/windows/Internet-explorer/default.aspx

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online