system
1
Hi I’m having two virus issues as of late.
around 3 weeks ago a updater program started popping up on the bottom corner of my screen whenever there is a new update available for some of my programs. ie. skype, yahoo, vlc player… I’ve never seen this updater program before, it also asks me to download delta toolbar. The program is from file.org which is a suspicious website. I seems to be an adware virus but I can’t get rid of it. I’ve ran combofix, eset scanner, malwarebytes, rkill, jrt and a few others with no joy. My next virus issue accord when I ran a full scan with avast a week ago. I seem to be infected by many MOV:CVE-2011-2140 viruses. I quarantined what I found and ran another full and boot time scan and I’m affected again with the same MOV:CVE-2011-2140 virus. as of right now I’m pretty lost as to what to do about these problems. If anyone could help I would appreciate it :-[
Ive attached a picture of how the updater popup virus looks
Asyn
2
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
system
3
Here are the logs. I’m not sure if adw finished as I didn’t see “scan finished successfully” like in the example.
I reckon this is running as a task, could you attach the combofix log please
Could you go here http://technet.microsoft.com/en-gb/sysinternals/bb963902 and run Autoruns
Select the Scheduled tasks tab
Once it has completed could you attach a screen shot please
system
8
You were right I see the updater program, its high lighted in blue.
Could you remove the tick in autoruns for that entry and then expand the location line to see what file it is … Something in programme files but I cannot read it all
system
10
Sorry for the slow reply. the screenshots are attached. I got an error when I tried to untick the program.
It look like it is running from c:\Program files\vile type assistant is that correct as it is a bit hard to read
system
12
this picture should be better. you can see all the info on the bottom.
system
13
I found it. now to get rid of this sucker.
Do you recognise the programme at all ? Is it in your uninstall list ? If not I will use OTL to remove the folder and then autoruns will enable you to stop the task
system
15
No I don’t recognise it. I had a look and I don’t see it in the uninstall list either. what’s otl?
system
16
sorry I just realised I used otl when I initially did my pc scans. how do I remove that folder?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Files
C:\Program Files (x86)\File Type Assistant
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
system
18
Thank you for all the help essexboy
The log is attached. Do you know how to solve the other virus problem I’m having the (MOV:CVE-2011-2140) whenever I do a full avast scan that infection keeps coming up.
Has the update disappeared now ?
For Java do you actually need it on your computer ?
system
20
I no longer see the file assist so yes I believe so. thank you a million for this.
I also just read some not so good news about having java installed so I’m going to uninstall it for a few weeks and see if I can do without it.