virus found in c drive

hello

i scan my pc today 2 times and i did not got any virus at that time but now i got pop up from avast that i have threat in file system.how threat automatically comes there even in scaned 2 times and not get anything alert. i got this alert yesterday also and i scanned yesterday morning also but i did not got any alert from avast.this pop up alert came in noon yesterday.is any file is creating virus in my c drive?

Do you have kryptonite next to your PC ??? ;D That might explain these constant, ever-changing problems you have :wink:

To be serious, though, did your definitions update between scans? That could be why no detection first two times.
And yes, a virus can replicate/spread.

Do you have kryptonite next to your PC That might explain these constant, ever-changing problems you have
;D ;D ;D

I think you need your computer checked by Essexboy…

no i scanned after definitions updated.

i think free avast unable to find a file which is creating threats in file system in c drive.

how can avast find it? anything i can do to search it?

http://forum.avast.com/index.php?topic=53253.0

As Pondus said, perhaps you need the help of Essexboy. Follow the guide at start of linked topic. Post logs as attachments, send him a P.M. asking for help.

If you have WINDOWS XP SP2 and can not update then maybe you have a pirated version of XP and therefore can not be helped. ???

Might be the latest TDSS variant - I haven’t had one yet

Hi there let me see what you have

http://www.geekstogo.com/misc/guide_icons/gmer.png
GMER Rootkit Scanner - Download - Homepage
[] Download GMER
[
] Extract the contents of the zipped file to desktop.
[*] Double click GMER.exe.

http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif

[*] If it gives you a warning about rootkit activity and asks if you want to run a full scan…click on NO, then use the following settings for a more complete scan…
[*] In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED
[] IAT/EAT
[
] Drives/Partition other than Systemdrive (typically C:)
[*] Show All (don’t miss this one)

http://www.geekstogo.com/misc/guide_icons/GMER_thumb.jpg

Click the image to enlarge it

[*] Then click the Scan button & wait for it to finish.
[*] Once done click on the [Save…] button, and in the File name area, type in “ark.txt”
[*]Save the log where you can easily find it, such as your desktop.
CautionRootkit scans often produce false positives. Do NOT take any action on any “<— ROOKIT” entries
Please copy and paste the report into your Post.

THEN

Download OTL to your Desktop

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[*]Select Scan all users
[*]Under the Custom Scan box paste this in


netsvcs
drivers32
%SYSTEMDRIVE%*.*
%systemroot%\Fonts*.com
%systemroot%\Fonts*.dll
%systemroot%\Fonts*.ini
%systemroot%\Fonts*.ini2
%systemroot%\Fonts*.exe
%systemroot%\system32\spool\prtprocs\w32x86*.*
%systemroot%\REPAIR*.bak1
%systemroot%\REPAIR*.ini
%systemroot%\system32*.jpg
%systemroot%*.jpg
%systemroot%*.png
%systemroot%*.scr
%systemroot%*._sy
%APPDATA%\Adobe\Update*.*
%ALLUSERSPROFILE%\Favorites*.*
%APPDATA%\Microsoft*.*
%PROGRAMFILES%*.*
%APPDATA%\Update*.*
%systemroot%*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu*.lnk /x
%systemroot%\system32\config\systemprofile*.dat /x
%systemroot%*.config
%systemroot%\system32*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch*.lnk /x
%USERPROFILE%\Desktop*.exe
%PROGRAMFILES%\Common Files*.*
%systemroot%*.src
%systemroot%\install*.*
%systemroot%\system32\DLL*.*
%systemroot%\system32\HelpFiles*.*
%systemroot%\system32\rundll*.*
%systemroot%\winn32*.*
%systemroot%\Java*.*
%systemroot%\system32\test*.*
%systemroot%\system32\Rundll32*.*
%systemroot%\AppPatch\Custom*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads*.*
%PROGRAMFILES%\Internet Explorer*.tmp
%PROGRAMFILES%\Internet Explorer*.dat
%USERPROFILE%\My Documents*.exe
%USERPROFILE%*.exe
%systemroot%\ADDINS*.*
%systemroot%\assembly*.bak2
%systemroot%\Config*.*
%systemroot%\REPAIR*.bak2
%systemroot%\SECURITY\Database*.sdb /x
%systemroot%\SYSTEM*.bak2
%systemroot%\Web*.bak2
%systemroot%\Driver Cache*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites*.url /x
%systemroot%\System32\Wbem*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

i got super anti spyware and i scanned memory,startup locations,registry,cookies

check this site.

http://www.superantispyware.com/applicationdisplay.html?id=1000000242&trial=no&activated=no&appid={97CD2258-5E67-4B67-A5C3-E9100EF624FE}

i got infected by Adware.Tracking Cookie

is this a trojan or virus?

An Adware.Tracking Cookie is not an infection.
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

I suggest you get on with essexboy’s instructions to get to the bottom of this as it has nothing to do with an Adware.Tracking Cookie.

do u mean pirated os windows xp sp2 gets infeced by viruses even i got antivirus?

Yes!

Support for Windows XP Service Pack 2 ends on July 13, 2010
http://support.microsoft.com/gp/lifean31

Yes, you are essentially cutting Avast! off at the knees by using an out-dated O.S., pirated or otherwise.
Same with any other A.V., they are only as strong as the O.S. they are running on.

just what I said a few days ago no ??? ;D
http://forum.avast.com/index.php?topic=63076.msg532622#msg532622

but in my country all using pirated os bcoz original os is costly and also av is available for pirated os. ppl using antivirus in pirated os only.

all ppl here using antivirus in their pirated os then also they not getting problem.

my pc engineer said that there is nothing problem to use pirated os in here bcoz everything works good in this os.

here we got windows xp,windows vista,windows 7 and all they are pirated.

my engineer said not to switch on firewall bcoz it creates problem bcoz my engineer has installed pirated os in my desktop.

i heard that there is free firewall available. if i download free firewall software and if i switch it on then is this solves my problem?

Kripton >>> pirates are not welcome on this forum. There are very cheap versions of Windows called “starter” and “basic”. If you still prefer to steal the product and find “arguments” to justify that, YOU’RE ON YOUR OWN.

ok thanks dear.

do u know any site link where i can download free windows xp sp3 os

do u know any site link where i can download free windows xp sp3 os
lots of, the problem is all the free one is pirate software ::) and usually comes with malware included ;D

I must be dreaming ::slight_smile:

in morning i gone to repair my pc bcoz it was not showing display in my screen so may be if my engineer formats my c drive then avast will get deleted from it.

if i copy avast folder which created while installing avast and then i paste that folder again in my formatted pc in my c drive inside program files, then does avast works or not.my avast is updated till today so i not want avast get deleted bcoz i use dial up so it hard to update with dial up.

I concur as a matter of principle I do not clean pirated systems as it is a waste of time and illegal.