Author Topic: I'm confused about avast  (Read 23185 times)

0 Members and 1 Guest are viewing this topic.

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #15 on: January 23, 2010, 02:04:52 AM »
OK I got the three in quarantine. I haven't been having a closing for a few days. Two days ago I got another warning but nothing since. The computer is running as good as it was before all this. Do you think this has taken care of everying. Now what about the stuff in the avast chest?  Thanks

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: I'm confused about avast
« Reply #16 on: January 23, 2010, 06:40:29 AM »
Each of the files in the "infected files" section of the chest should be re-scanned.
There is no hurry to delete these files.
Those that re-scan as still infected can be left there.
Please post the names of the files, and their original locations. You may have to enlarge the chest screen and move the column headers to see the data.
Can you take and post screenshots? That may be easier than copying the data.
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #17 on: January 23, 2010, 06:57:07 PM »
Yes normally I can take screen shots but for some reason it will not do it in the chest. There are 15 files and I rescaned each one and they all come up infected. I'll have to type out each on for the info you want. It will take me a while so I'll have to get back later. Thanks

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #18 on: January 24, 2010, 02:39:59 AM »
Here they are.

                                                  Orignal Location                                                 Virus

AOIO2659dll                        C:\System Volume Info\restore                    Win32: Trojan.gen
AO102746.exe                                        "                                                Win32: FakeAV-A
SHNAS21.DLL                      C:\Windows\System2                                    Win32: Trojan.gen
shnas.dll                             C:\Documents and Settings\user\Locals              "         "
WCO.exe                                             "                                                          "         "
WCI.exe                                              "                                                          "         "
WCI2                                                   "                                                     Trojan-gen
WCI4                                                   "                                                     Win32: FakeAV
WCI5                                                   "                                                     Trojan-gen
WCI6                                                   "                                                     Trojan-gen
wcv.exe                                               "     
wcw.exe                                              "                                                     Win32:FakeAV-
wcx.exe                            C:\DOCUME~\User\Locals~\Temp                     Trojan-gen
wcy.exe                            C:\Documents and Settings\user\Locals                "
wcz.exe                            C:\DOCUME~\User\Locals~\Temp                     Win32:FakeA .A

Whew I hope I copied all this right.                                                                       

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: I'm confused about avast
« Reply #19 on: January 24, 2010, 03:02:05 AM »
It looks like Avast and MBAM have done a good job stopping this malware. Sorry, I don't have a name for it; a Google search indicates several of the processes quarantined could belong to several trojans, although it could be just one trojan involved in creating those files.
What I'd do next is a good file clean.
There are tow main file cleaner utilities I use, Ccleaner slim or ATF cleaner. (Atf will run from the download location.)
Select all temporary files and temporary internet files and have the cleaner remove them.
If your computer appears to be running well, turn off system restore, reboot, turn it back on again. Caution: this will remove all prior restore points. (It will also remove any malware files in a restore point.)
Update MBAM and run another quick scan. Only need to report the result if anything was found.
Give it a week or so, then rescan those files in the Avast chest, then (if still infected) delete them.

It looks to me like you are probably in pretty good condition. I'm not a trained malware remover, though. If you would like a second opinion involving running another tool and posting another log (to be sure) please advise. (I'd be inclined to do this, especially if the computer is used for CC transactions or banking.)
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #20 on: January 25, 2010, 11:50:47 PM »
I ran Ccleaner  and selected all temporary fines and temporary internet files and they were removed. I couldn't find how to shut off System Restore but I rebooted. I updated MBAM and ran a quick scan and it found three Trojans as follows:

Trojan Fake Alert     Reqistry Key           HKEY_Current_USER\Software\Bmi                                     No Action Taken
    "        "       "        Registry Value           "          "            "           "       \Micro...Value:bmimzmh
    "        "       "        Registry Key              "          "            "           "       \W29                                    "     "          "

I'll take your advise and request a second opion.  What is CC transactions. I do have my checking account in the computer and also I pay my bills online.  Thanks

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: I'm confused about avast
« Reply #21 on: January 26, 2010, 01:09:07 AM »
Run MBAM again, and this time have it remove anything it finds, then attach the log, please.

I spoke a bit soon, earlier. Looks like you are not out of the woods. I'm going to get you to run another diagnostic, and get someone else to look into this; I don't have the education to deal with it comprehensively, I'm afraid.
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #22 on: January 26, 2010, 04:36:10 AM »
Here is the log after removing them.

Malwarebytes' Anti-Malware 1.44
Database version: 3638
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/25/2010 9:33:09 PM
mbam-log-2010-01-25 (21-33-09).txt

Scan type: Quick Scan
Objects scanned: 113637
Time elapsed: 4 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmimzmhmfm (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3694
  • If at first you don’t succeed; call it version 1.0
Re: I'm confused about avast
« Reply #23 on: January 26, 2010, 08:12:47 AM »
Something is quite possibly hidden from MBAM (or not detected by it) that is causing this.
Please download OTL to your desktop, and see the instructions Here on what to do with it.
I'll PM essexboy and see if he can look at your logs.
You may have to break the log up into several sections, as it might not all fit in one reply window.
WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI.

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #24 on: January 26, 2010, 07:40:02 PM »
Here is from a quick scan of Malwarebytes etc following the instructions. It finished and said "No malcious items detected.  I down loaded OTL and will now run that.

Malwarebytes' Anti-Malware 1.44
Database version: 3641
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/26/2010 12:23:34 PM
mbam-log-2010-01-26 (12-23-34).txt

Scan type: Quick Scan
Objects scanned: 115655
Time elapsed: 1 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40632
  • Dragons by Sasha
    • Malware fixes
Re: I'm confused about avast
« Reply #25 on: January 26, 2010, 08:34:23 PM »
I have subscribed to this topic - for when you post the log  ;D

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #26 on: January 26, 2010, 09:04:41 PM »
I don't know if this will work there are tons of info on the OTL logs but I'm trying to copy and paste bit by bit. As an attachement didn't work.  I'll have to do several replys.

Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 3055 3055 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 27.57 Gb Free Space | 37.00% Space Free | Partition Type: NTFS
Drive D: | 1.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SYSTEM
Current User Name: user
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========
 
PRC - [2010/01/26 10:32:06 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
PRC - [2010/01/21 10:05:12 | 04,808,704 | ---- | M] () -- C:\Program Files\USIM Editor\iconcs209437.exe
PRC - [2010/01/21 10:05:12 | 00,065,536 | ---- | M] () -- C:\WINDOWS\system32\afasrv32.exe
PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/11/24 17:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 17:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 17:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 17:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 17:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2009/10/26 16:53:15 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/10/23 09:33:50 | 01,236,712 | ---- | M] (InternetSafety.com, Inc.) -- C:\Program Files\Internet Content Filter\SafeEyes.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/19 07:04:52 | 00,562,944 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe
PRC - [2009/09/19 07:04:50 | 00,045,312 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe
PRC - [2009/07/10 12:49:24 | 00,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/12/24 15:39:11 | 01,258,840 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Sprint Instinct Applications\MEMonitor.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 14:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/20 09:54:08 | 00,150,016 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\digital imaging\bin\HpqSRmon.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/25 00:51:40 | 00,245,760 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2007/05/25 00:51:37 | 00,131,072 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2007/05/25 00:51:36 | 00,155,648 | R--- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2007/05/25 00:51:27 | 16,132,608 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/11/22 21:10:06 | 00,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
PRC - [2006/09/28 19:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2006/02/28 06:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
PRC - [2006/02/19 02:41:10 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006/02/10 07:56:12 | 00,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\digital imaging\bin\hpqimzone.exe
PRC - [2004/06/06 22:42:30 | 00,659,456 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon06.exe
PRC - [2004/05/28 22:31:38 | 00,241,664 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
PRC - [2004/05/14 09:42:32 | 00,573,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KEM.exe
PRC - [2004/05/12 15:18:56 | 00,241,664 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
PRC - [2004/04/26 07:06:12 | 00,029,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
PRC - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2004/03/01 01:40:52 | 00,077,824 | R--- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\hpbpro.exe
PRC - [2004/03/01 01:40:52 | 00,073,728 | R--- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system32\hpboid.exe
 
 

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #27 on: January 26, 2010, 09:09:26 PM »
2nd reply of OTL.

========== Modules (SafeList) ==========
 
MOD - [2010/01/26 10:32:06 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Desktop\OTL.exe
MOD - [2009/11/24 17:50:32 | 00,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2009/09/18 06:21:10 | 00,073,728 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Backup Now EZ\Pehook.dll
MOD - [2008/05/13 09:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/13 18:12:05 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 18:11:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 18:11:56 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008/04/13 18:11:48 | 01,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2004/05/14 09:39:36 | 00,086,016 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] --  -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] --  -- (getPlus(R) Installer) getPlus(R)
SRV - File not found [On_Demand | Stopped] --  -- (getPlus(R) Helper) getPlus(R)
SRV - [2010/01/21 10:05:12 | 00,065,536 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\afasrv32.exe -- (AfaService)
SRV - [2009/11/24 17:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 17:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 17:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 17:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/19 07:04:50 | 00,045,312 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)
SRV - [2009/07/01 08:58:55 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9fa5c7d36282a) Google Update Service (gupdate1c9fa5c7d36282a)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/03 12:17:39 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/09 14:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/12/19 22:42:59 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/09/28 19:18:00 | 00,266,343 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/03/18 16:55:48 | 00,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/03/01 01:40:52 | 00,077,824 | R--- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\WINDOWS\system32\hpbpro.exe -- (HP Port Resolver)
SRV - [2004/03/01 01:40:52 | 00,073,728 | R--- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\WINDOWS\system32\hpboid.exe -- (HP Status Server)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 

Offline bexar656

  • Full Member
  • ***
  • Posts: 123
Re: I'm confused about avast
« Reply #28 on: January 26, 2010, 09:23:16 PM »
Sorry but I can't get this done. It keeps saying that there are to many chartacters and then I go back and can't locate where I left off. I did also locate the Extras and that is a ton of items. I don't know how I can foward them all.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40632
  • Dragons by Sasha
    • Malware fixes
Re: I'm confused about avast
« Reply #29 on: January 26, 2010, 09:50:33 PM »
upload to Mediafire and post the sharing link.