Long time user finally infected!

I have been a Avast user since 2004 starting with the Free edition to Pro and now using Avast Internet Security 2015, over the Years I have Highly recommended this product to Family & Friends but was shocked 3 days when I was Infected by a Unknown Adaware Trojan. Avast has always stopped or Warned me prior to any possible Infection, but I ran a complete search twice because it came up empty both times, then I expanded to other possible problems but a Friend suggested AdwCleaner, as I stated I never had to use any other software in the past but he had experienced the same Issue. AdwCleaner detected and removed several infections, I am only writing so the Avast Team is aware that some things slipped through the cracks, as I stated I am Happy with Avast and am Posative your Team of Experts will do all within their power to fix this but now the Flawless Armored finish has a Stain.

Randy38

Hello

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Hi Randy. Welcome to Avast Forum.

Unfortunately no AV is 100 % foolproof, and adware have a way to slip throug in perfectly safe free programs when we do not read all windows of the intallation to uncheck undersirasble toolbars and such.

One thing you could do for us is to attach AdwCleaner log to see what was detected.

Also make sure you have " Scan for potentially unwanted programs ( PUPs ) " activated.

Open Avast > Settings > General > Scan for potentially unwanted programs ( PUPs )

Try Unchecky. It does a great job avoiding those PUP.

Follow argus’ instructions to make sure you do not have anything else in your system.

[b]AdwCleaner[/b] detected and removed several [b]infections[/b],
No it did not ..... the program name should give a idea of what it does ;)
AdwCleaner is a free removal tool for :

Adware (ads softwares)
PUP/LPI (Potentially Undesirable Program)
Toolbars
Hijacker (Hijack of the browser’s homepage)

Thanks iroc9555 for the Friendly Welcome, tbh it is about time after so many years :wink: No need to get uptight Pondus, I am aware of what Adwcleaner does, if it is on my Rig I call it an infection and I should have been more specific ::). My intention was not to dispute Avast but show that it has been an effective Tool. I do have scan for PuPs ticked as you suggested iroc9555 and will try unchecky, as I discovered Farbar is a great tool to have as well and appears to Best Adwcleaner. I hope the Data uploaded which contains information about Software/Games and other Data will not be misused or abused :-X & Hopefully will only be seen by Admins here ???. I appreciate the help & please feel free to further advise me on any improvements that I can make, Thank You everyone 8)

You are welcome.

Yes, FRST is great in the right hands, and no, there is nothing in there that can be used against you.

Just let argus check it out and he will return with a script to cleanse your system. You have to wait though since he is in Europe and it is very late over there already. Follow its instruction he is a member of ASAP and a specialist in removing malware.

Great I appreciate the Help, Time I have and it is late over here in Europe, although I am American I live in Germany with my Family :slight_smile:

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

Chrome installation is altered by malware. Reinstall is needed.

Export your bookmarks
https://support.google.com/chrome/answer/96816?hl=en

Close all Chrome windows and tabs.
Go to the Start menu > Control Panel.
Click Programs and Features.
Double-click Google Chrome.
Click Uninstall from the confirmation dialog. Delete your user profile information, like your browser preferences, bookmarks, and history, select the “Also delete your browsing data” checkbox.

Click Start, copy in search [B]%LOCALAPPDATA%[/B] and remove folder Google

Download Chrome
https://www.google.com/intl/en/chrome/browser/desktop/

Thanks argus for the fast response, I followed your Instructions (see attachments for the Fixlog) but I do not have Chrome installed and the folder is not there either, is it needed?

Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - G:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

The remains Chrome were are on your PC, anyway, how’s your computer behaving now?

I have noticed a Huge performance boost, no lag or slow programs ;D but it worries me that I cannot find those Chrome remains, I can only hope they were fixed but as a rule of thumb How often should I run these scans? I do a complete scan with Avast once a week.
I Do Thank you all for the assistance here, I would still have unwanted trash if it were not for you all 8)

FRST scan is done solely when you need help from a remover speacialist. It only works when the expert give you a script for the fix.

AdwCleaner can be run if you think you have caught some adware, toolbar, etc.

If you want a second opinion, you can install Malwarebytes ( MBAM ). It is the perfect companion for Avast, and run by most security experts. If you take a look at most veterans’ signature here in the forums you will see that most of us have it in our machines.

I am not big in scanning my system since Avast analyzes everything I download, read, write or execute. Nevertheless I do a quick scan with MBAM weekly.

Install again Chrome.

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Make sure that Addition option is checked.
[*]Press Scan button and wait.
[*]The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

I ran the scan again and both docs are attached ;D

How’s your computer behaving now?

Running smooth like it was freshly Installed, I do appreciate the Help 8)

The following will implement some post-cleanup procedures:

Download DelFix by Xplode and save it to your desktop.

[*]Run the tool by right click on the
http://www.imgdumper.nl/uploads6/51a5ce45267c1/51a5ce45263de-delfix.png
icon and Run as administrator option.
[*]Make sure that these ones are checked:

[]Remove disinfection tools
[
]Purge system restore
[*]Reset system settings

[*]Push Run and wait until the tool completes his work.
All tools we used should be gone. Tool will create an report for you (C:[B]DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.