(2) Quarantined files

I have a dual core AMD X64 5000+ dual core processor running WinXP Pro SP3 and i believe 4 GB of RAM (Asus M3A78 EMH-HDMI motherboard if i remember correctly).

The back scanner (i believe the Avast scanner) caught a trojan? when i visited this link e-mailed to me (old photos) from a friend. Actually, when i got to that site, i didn’t get the pop-up until i tried clicking a link on that page for some other photos. When i clicked that link, that’s when the background scanner popped up with the nuclear sign indicating something has been intercepted.

http://do-while.com/wtf-photos-from-old-times/

The back scannner mentioned that it stopped it from going to my computer, so i pressed abort and then immediately closed my firefox 3.5.5 browser.

I ran Avast 4.8 Home (build: SEP2009 4.8.1356) and it picked up i think a total of 4-5 things. When i viewed the log, 2 couldn’t be quarantined. I then ran the scanner again and the two that couldn’t be quarantined disappeared. I ran malwarebytes, it didn’t find anything, then i downloaded and ran SuperAntiSpyware and it found (10) Adware tracking cookies that i quarantined. I also ran Spybot Search and Destroy and it found nothing. I then re-ran AVast and it found nothing. I’m guessing that AVast has corralled the malware and I’m ok? Is there more i need to do?

This is what is quarantined in my chest (image).

I’m sorry that i didn’t get all the steps, should’ve came here first and read the “steps”, but i’ve tried to give as much info as possible. I have the Super AS log, but it looks like mainly harmless cookies.

NOTE: My “HiJackThis” log file is included at the bottom of this post. I’m not really savvy when it comes to stuff like this, so i thought i would include the file and see if anyone has any recommendations. Thanks!

http://i160.photobucket.com/albums/t163/holypiston/Avastchest1.jpg

Kevin

Hi XPProSP3, welcome to the forum :slight_smile:

The two things in the chest:

  1. (A0029706.dll) Is part of a restore point:
  1. (avmanagerunified.dll) This has been confirmed as a False positive, you should be able to restore it.
    http://forum.avast.com/index.php?topic=51938

Instructions, can be found here:
avast! Support article: Restoring a false positive file from the Virus Chest

It is worth noting that a copy will still remain in the chest. Check that the restore has worked, by finding the file in the location it should be, and then if wanted you can delete the file from the chest.

The website:

I get no alert on the website. It was most likely an alert on a page deeper in. The point with that detection is that the avast! web scanner has blocked the malware from downloading to your pc. You are safe.

I am not adept enough to look over you HJT log, maybe someone else may do so though.

Also, we are at version 4.8.1368 with avast!, you should update your program version.

-Scott-

Thank you for your help Scott!! ;D (my friend Scott sent me that link!). I updated both AVS & Program itself is updated. Followed the instructions to the link you gave me. I think my problem is solved. I’ll probably scan the whole system again with Avast just to be sure.

Deleted both chest files. I had an existing identical copy of avmanagerunified.dll in my existing folder (same path) and it scanned good with the updated scanner before I deleted it’s twin brother in the chest.

Looks like I’m good to go. 8)

You’re Welcome, glad to help :slight_smile:

-Scott-