My mom’s computer has a trojan - i m not sure what kind, but i couldn’t move it to the virus chest. now i cant move anything to the chest at all. its RPC commuication failed. what can i do to get the chest to work? or are there any other steps i could take to get rid of the viruses on the computer?
thank you 
Can you try to repair your installation?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove. Then choose Repair function in the popup window (Repair). You must be connected to the internet while repairing.
If this does not help, can you uninstall / boot / install / boot again?
Do you have any other antivirus installed in your computer?
Did you have in the past? Which one?
Do you use a firewall? Which one?
Also, take a look into Administrative Tools > Services
and see how the four avast services are set to start (automatically or manual).
you guys respond quick. awesome!
ok, i repaired and its scanning now so i can see if it worked.
We did have norton, but its been uninstalled for a while - ever since we got the avast trial. When the trail ran out, they didnt tell me so there was no protection on here for 3 days. then i turned around and downloaded the full year version.
it is under a firewall - windows i think
ill reply as it gets done scanning and let you know if it worked.
thank you
Be used to avast forum speed 8)
No problems.
Sorry it took me so long to get back, i had to go out of town.
ok before the avast scanner said its was infected - now it says running.
ive used the norton removal tool
spybot says its clean - but keeps pooping up saying there was change made in the blacklist registry, and i keep dening it.
avast popped one thing abou the trojan the other day and i couldnt move to the chest. now every time i scan it doesn’t say anything about the trojan - how can know if its really gone or not?
Thanks
I suggest you follow the general cleaning procedures:
ok - i did all those except 7 and 8, b/c i figured there wasn’t much point unitl i know its gone.
there are no rootkits, and not one of those found the trojan.
any other ideas
oh here’s the logfile
thanks
C:\WINDOWS\microsoft.net\framework\v1.1.4322\aspnet_state.exe (ASP.NET State Service)
c:\windows\system32\drivers\sunkfilt.sys (Alcor Micro Corp Reader)
c:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
c:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
c:\windows\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
c:\program files\common files\microsoft shared\information retrieval\msitss.dll (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
c:\windows\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
c:\progra~1\blstoo~1\blstoo~1.dll {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E}
c:\program files\canon\easy-webprint\toolband.dll {327C2873-E90D-4c37-AA9D-10AC9BABA46C}
c:\progra~1\blstoo~1\blstoo~1.dll {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E}
Zone: objects.aol.com : *.objects.aol.com
c:\program files\superantispyware\sasseh.dll (SuperAdBlocker.com) {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}
c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
c:\program files\superantispyware\saswinlo.dll (SUPERAntiSpyware.com)
CustomizeSearch HKLM : http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Default_Page_URL HKLM : http://www.aol.com
Default_Search_URL HKLM : http://www.google.com/ie
Search Page HKCU : http://www.google.com
Search Page HKLM : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchAssistant HKCU : http://www.google.com/ie
SearchAssistant HKLM : http://www.google.com/ie
SearchUrl HKCU : http://www.google.com/search?q=%s
ShellNext HKCU : iexplore
Start Page HKCU : http://securityresponse.symantec.com/avcenter/fix_homepage/
Start Page HKLM : http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
&AOL Toolbar search : res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
E&xport to Microsoft Excel : res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Easy-WebPrint Add To Print List : res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
Easy-WebPrint High Speed Print : res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
Easy-WebPrint Preview : res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
Easy-WebPrint Print : res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
dontdisplaylastusername : 0
shutdownwithoutlogon : 1
undockwithoutlogon : 1
{09826001-48e5-11da-bf8e-806d6172696f} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
{0992de21-e73c-11da-bfb3-0040ca8f2da5} : J:\setupSNK.exe
{1019e541-51ec-11da-9c61-806d6172696f} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
{815a0671-62bc-11da-b957-806d6172696f} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
J : J:\LaunchU3.exe -a
Well now you are clean as far as we can tell, prevention is much better than cure:
7. may help in the future to in blocking malicious sites,
8. will show programs that require update, this could close exploits leaving you less vulnerable.
So those steps could wel save you some grief in the future.