Help

[DavidR]

As I said in my reply #23 above, if it is already in the SAS Quarantine (you won't find it on your PC) a protected area, the only option is to restore it (and that carries a limited risk, which you had before any detection, but avast is blocking that) to the original location.

Then add it to the avast chest (where it can be submitted later) then run SAS again and allow it to quarantine it again. Now it can be submitted to avast from the sample you put in the avast chest. I understand anyone's reluctance to restore if from the SAS Quarantine, which is why it is important to add it to the avast chest before taking that action.

[Phobos]

To David R, If someone else is working on this, could you explain how to find it in the PC, to send a sample to avast as SAS does not give much info about it once it's in SAS Quarantine ?

to: Phobos, I'm glad it worked for you, I forgot to say that after all seemed well again I went to System restore and created a new restore point.

You're welcome ... and yes, i did that ... thanks.

[Phobos]

As I said in my reply #23 above, if it is already in the SAS Quarantine (you won't find it on your PC) a protected area, the only option is to restore it (and that carries a limited risk, which you had before any detection, but avast is blocking that) to the original location.

Then add it to the avast chest (where it can be submitted later) then run SAS again and allow it to quarantine it again. Now it can be submitted to avast from the sample you put in the avast chest. I understand anyone's reluctance to restore if from the SAS Quarantine, which is why it is important to add it to the avast chest before taking that action.

I would have done that, however i could not (and cannot) understand 'how' ... when the avast popup occurred, i would click on it (nothing) ... then i went to the 'network shield' section so i could see the problem - i could see it in the 'last analysed connection' part - clicked on it (nothing) - looked in 'traffic history' (nothing), 'report file' (nothing), and then wondered if i had some settings that were affecting my ability to see more details about the popup so that i could a) understand its origins, and b) do anything about it (eg: add to chest)

Note (if it helps) it involved the removal of 2x trojan.Dropper/Win-NV in C:\WINDOWS\MSVIDEO.DLL

[djDave]

 Phobos: I know what you mean, that's the way it was for me also. When moved into SAS Quarantine, I could not r/click on it for properties, so I was not sure if I could find it, or if restoring it - would change it in some way??? At least for now the darn thing is gone and has not come back...Have a great day...  dave

[djDave]

Goodbye:
media9s.com/cgi/crhwmrxg.php?gggg=6733616xxx
nopagency.com/cgi/kpudd.php?ddddd=6733616xxx
88.80.7.152/cgi/oejo.php?dsi=6733616xxx (no xs on the ends)

This is the 4th day since I did the cleaning as reported in reply #22 and all is still well here. I did a complete scan with SAS today and all came up clean ! I'm running XP and IE. I don't know if this works the same for others, but it has for me. Thankyou Avast and everyone that helps here...djDave
PS: Have a great weekend...

[xseoer]

Goodbye:
media9s.com/cgi/crhwmrxg.php?gggg=6733616xxx
nopagency.com/cgi/kpudd.php?ddddd=6733616xxx
88.80.7.152/cgi/oejo.php?dsi=6733616xxx (no xs on the ends)

This is the 4th day since I did the cleaning as reported in reply #22 and all is still well here. I did a complete scan with SAS today and all came up clean ! I'm running XP and IE. I don't know if this works the same for others, but it has for me. Thankyou Avast and everyone that helps here...djDave
PS: Have a great weekend...

Refusal IE !
Recommend Firefox !

[lizhou]

Goodbye:
media9s.com/cgi/crhwmrxg.php?gggg=6733616xxx
nopagency.com/cgi/kpudd.php?ddddd=6733616xxx
88.80.7.152/cgi/oejo.php?dsi=6733616xxx (no xs on the ends)

This is the 4th day since I did the cleaning as reported in reply #22 and all is still well here. I did a complete scan with SAS today and all came up clean ! I'm running XP and IE. I don't know if this works the same for others, but it has for me. Thankyou Avast and everyone that helps here...djDave
PS: Have a great weekend...

Refusal IE !
Recommend Firefox !

Hi guys!
Can you help test my website in china ?
My website named GHD

[Pondus]

Hi guys!
Can you help test my website in china ?
My website named GHD

This page seems to be <clean>
http://www.UnmaskParasites.com/security-report/?page=www.ghdtradezone.com


URLvoid

Scanning site with:   AMaDa     CLEAN
Scanning site with:   BrowserDefender     UNRATED
Scanning site with:   Finjan     CLEAN
Scanning site with:   Google Diagnostic     CLEAN
Scanning site with:   hpHosts     CLEAN
Scanning site with:   Malware Patrol     CLEAN
Scanning site with:   MalwareDomainList     CLEAN
Scanning site with:   McAfee SiteAdvisor     UNRATED
Scanning site with:   McAfee TrustedSource     UNRATED
Scanning site with:   MyWOT     DETECTED
Scanning site with:   Norton SafeWeb     UNRATED
Scanning site with:   ParetoLogic URL Clearing House     CLEAN
Scanning site with:   PhishTank     CLEAN
Scanning site with:   SURBL     CLEAN
Scanning site with:   Threat Log     CLEAN
Scanning site with:   TrendMicro Web Reputation     CLEAN
Scanning site with:   URIBL     CLEAN
Scanning site with:   Web Security Guard     UNRATED
Scanning site with:   ZeuS Tracker     CLEAN


WOT
http://www.mywot.com/en/scorecard/www.ghdtradezone.com