system
1
:-[
Yesterday i tried out avast, because i suspected i had a virus…
and sure enough , avast found the problem and fixed it , at least that what the program said.
The problem is that none of the fixed files work anymore. When i click on them i just get a dos window for a sec…
So my question is , do i get rid of these files or can they be restored…???
doppler
system
2
Hi,
please read the link “VirusRemoval” below in my sig and come back with some useful info, e.g.:
- virusname(s) and location(s)
- windows-version & avast-version
- hijackthis-log
- results of onlinescanners
did you try the CLEANER from www.avast.com ?

system
3
Hi,
thanks for replying to my message.
you wanted some more information:
- virusname(s) and location(s)
Virus Win32:Parite-B found in memory: xbj9.tmp (ID=1440/0x5A0)… virus deactivated.
Virus Win32:Parite-B found in memory: xbj9.tmp (ID=1720/0x6B8)… virus deactivated.
Virus Win32:Parite-B found in memory: kma1.tmp (ID=1992/0x7C8)… virus deactivated.
- windows-version & avast-version
windows Xp, avast (virus database: 0441-0,04-10-04)
Logfile of HijackThis v1.98.2
Scan saved at 21:06:05, on 7-10-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\LifeView TVR\RecSche.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Eraser\eraser.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\lvhidsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
O4 - HKLM..\Run: [Zone Labs Client] “C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [nwiz] nwiz.exe /install
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM..\Run: [RecSche] “C:\Program Files\LifeView TVR\RecSche.exe”
O4 - HKLM..\Run: [ScanRegistry] C:\W
O4 - HKLM..\Run: [WinDVRCtrl] C:\WINDOWS\WDVRCtrl.exe
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
- results of onlinescanners: i dont know what this means…
Maybe i was a bit unclear yesterday (bit pissed of because i lost all those files), but i just wanna know if i can restore these files, avast said it fixed them but they dont work…If they are useless, fine i’ll get rid of them and have a fresh start…most of them are old anyway…but then some can’t be replaced…
All the files that dont work have a DOS pictogram and open the dos window for a sec .
I’m glad that the avast software did clean my harddisks, the only problem i have with the software is that the interface seems to simple to me, i know that sounds strange. What i mean is that userfriendly has gone over the top and leads to a user that has no idea what the software is actualy doing…,
greetings
doppler
Eddy
4
Fix this one:
O4 - HKLM..\Run: [ScanRegistry] C:\W
These ones are not needed for the system to work, you can safely remove them if you wish:
O4 - HKLM..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
But most importantly visit Windows Update your system is not up-to-date with the ALL security patches/updates which makes it very vulnarable to infections.
system
5
@1) that’s all that*s in the report ?
removing/deleting a virus from memory or .TMP-files can’t hurt your system or disable any necessary files
→ please browse through the LOGS/reports again
and run the avast-CLEANER
@2) in the link " VirusRemoval" below you’ll find links to Onlinescanners TREND & RAV → scan the whole PC with them and report or repair infections
-
HOW did you/avast FIX the infections ?
by repairing/Cleaning, moving or deleting the files… ?
-
and follow eddy’s instructions

system
6
Yo ,
Thanks for replying, but didn’t really have an awnser to my problem. Maybe i didn’t explain it right, so i’ll try again…
-some of my *.exe files started failing, so i suspected i had a virus.
-i downloaded avast , and sure enough the software found and destroyed the virus. For witch it has my undying gratitude …
-It also (automaticly) started fixing files that had been infected…Great i though
-The problem is that a lot of these files (*.exe’s) that were fixed dont work anymore, instead of there usssual pictogram they now have a dos pictogram, and when i open them they just bring up the dos window for a sec…
-So my question is : can these files be restored or do i get rid of them.
Most of them are old junk and shareware programs that should be updated anyway but some cann’t be replaced…
I tried to get the cleaner as suggested but :
http://www.avast.com/eng/products/free_software/cleaner/avast_virus_cleaner.html
Seems to be a dead link…
thanks again
doppler
Eddy
7
Just reinstall the damaged applications or remove them if you don’t use them.