I use avast antivirus, wich I find really usefull and effective, but a few days ago my pc seemed to get mad. Whenever I go into the web, publicity pages and specially virusalarm pop up. I also receive a message, apparently from microsoft, that tells me to download this new antivirus cause I’ve got a malware. I’ve tried to ignore it, scanning with avast (it says I’m clean) but it keeps going on. I don’t have much idea…what should I do? Is it really inffected? And if it is…why didn’t avast stop it? Thank you in advance
well if it is coaxing u to buy the product it…is one of the many applacation which installs it self on ur comp with out ur apporval…it may be included in some other application which u installed… or it can install it self using ur ActiveX controls…just by visting a webpage u can get infected…
there are no other malware on ur system …but the thing warning u is a malware it self…
so can u be more specfic on which sofware gives u this warning…
avast is a anti-virus even though it detects spyware u should consider cleaning ur system with a anti-spyware software eg
spybot S&D http://www.download.com/3000-2144-10122137.html or
AVG anti-spyware http://www.filehippo.com/download_ewido/
try cleaning ur sys with these and then report back ;D
Hi!
Thank you so much. It seems I was in trouble…123 totall infections. The inform is really long, so I only show the ones that are in “cuarentena” (I can’t think of the word in english, sorry!) here it goes:
C:\Documents and Settings\Administrador\Datos de programa\WinAntiVirus Pro 2006 → Adware.RogueSuspect : Limpios con copia de seguridad (en cuarentena).
C:\Documents and Settings\Administrador\Datos de programa\WinAntiVirus Pro 2006\Logs → Adware.RogueSuspect : Limpios con copia de seguridad (en cuarentena).
C:\Documents and Settings\Administrador\Datos de programa\WinAntiVirus Pro 2006\Logs\update.log → Adware.RogueSuspect : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\Cache → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\Thumbs.db → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\about.html → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\basis.xml → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\deskbar.crc → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\deskbar.inf → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\icons.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\inst.bat → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mbback.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mbbigopen.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mbclose.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mbfwd.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mblogo.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\mbsep.bmp → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\options.html → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\softomate.gif → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Deskbar\version.txt → Adware.Softomate : Limpios con copia de seguridad (en cuarentena).
C:\System Volume Information_restore{C956519E-799B-4211-99C6-F65269952968}\RP181\A0069812.exe → Adware.Spysheriff : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\system32\av.cpl → Adware.WinAntiVirus : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\system32\mmx19g.sys → Backdoor.Haxdoor.jr : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\system32\qz.sys → Backdoor.Haxdoor.jr : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\system32\qz.dll → Backdoor.Haxdoor.kd : Limpios con copia de seguridad (en cuarentena).
C:\Archivos de programa\Archivos comunes\uozo\uozod\vocabulary → Downloader.TSUpdate.j : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\system32:lzx32.sys → Hijacker.Costrat.o : Limpios con copia de seguridad (en cuarentena).
.
C:\WINDOWS\T0xJ\nXUL.vbs → Trojan.Small : Limpios con copia de seguridad (en cuarentena).
C:\WINDOWS\uninstall_nmon.vbs → Trojan.Small : Limpios con copia de seguridad (en cuarentena).
Also a message from haali splitter kept showing up during the analisis: Avi: Strem count does not match strl contents.
As you can see I have no idea on computers…Do you think I should uninstall this haali application?
Thank you again and sorry for the long, long inform!
Please, follow general cleaning instructions…
-
Disable System Restore on Windows ME or Windows XP. System Restore cannot be disabled on Windows 9x and it’s not available in Windows 2k. After boot you can enable System Restore again after step 3).
-
Clean your temporary files. You can use CleanUp or the Windows Advanced Care features for that.
-
Schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot. Other option is scanning in SafeMode (repeatedly press F8 while booting).
-
It will be good if you download, install, update and run AVG Antispyware. Some users recommend SUPERantispyware, Spyware Terminator and/or a-squared (take care about false positives).
If any infection is detected, better and safer is send the file to Quarantine than to simple delete than. -
If you still detecting any strange behavior or even you’re sure you’re not clean, maybe it will be good to test your machine with anti-rootkit applications. I suggest AVG, Panda and/or F-Secure BlackLight.
-
After you’re clean, use the immunization of SpywareBlaster or, which is better, the Windows Advanced Care features of spyware/adware cleaning and removal.
And when you’re clean, check for insecure applications with Secunia Software Inspector:
http://secunia.com/software_inspector/
Update insecure applications to avoid re-infection.
Hello again!
Thank you so much for your advice! The thing is that I’ll have to postpone it to next week cause I’m on my last week of exams -so I don’t have much time (nor serenity), and also cause I prefer to wait until a friend of mine comes back (cause he’s the expert and he was the last one to “heal” it). I forgot to mention I had already had problems, before installing avast. I thought they were over, but you never know with this things.
Also, I already installed AVG antispy, following Sasin’s advice. The inform I handled out out was the result of its scan.
The word I needed in english was quarantine (thanks Tech) which is the state the files are on right now. I won’t accede to internet during this week (from my computer), and when I get everything done I’ll inform you back.
Thank you once more
all the best for ur exams lil…
i have mine going on. ;D ;D
Did you use another antivirus in the past? Which one?
Good luck in your exams 8)
I used norton, but I think the problem was that I had it installed long before having access to internet… ???
Thank you for support, I think I’ll need all that good luck (if my exams go on like my computer does!).
As I said, I’ll keep you informed.
Good luck to you, Sasin!
I finished!!! ;D
Well, everything seems to be OK. My friend came and cleaned up the computer. Now it’s working perfectly, no problems at all; No more strange pop ups or messages. Both scanners, avast and avg say it’s clean, so I think that’s it…at least I hope so! What do you think, is it allright now?
To be sure, the better will be test your computer with on-line scanners:
Kaspersky (very good detection rates)
Trendmicro housecall
AVGas (does not necessary if you have AVG antispyware installed)
F-Secure
BitDefender (free removal of the malware)
HitmanPro (new online scanner with multiply scanners)