w32.malware-gen <- I got it, and I can't get rid of it.

Hi everyone,
Last night I went out for a friend’s birthday party and when I came back I noticed that my laptop had restarted, and that Google Chrome no longer worked at all. (Doesn’t load pages or menus, and most times just crashes on startup anyway now) I’m using 64-bit IExplorer instead. I scanned using spybot and it came up with 7 entries, which I “fixed” and then still had problems. I’ve run Avast! several times now on a completely thorough custom scan and each time it will remove 2 or 3, tell me there were issues with some of the files and that they can’t be removed! What do I do? I fear for my online banking, which I’m not touching with a 10-foot pole til my laptop is cleaned.

Also, just for reference I have Windows 7 64-bit, and after my first “clean” and restart my computer takes forever to start up now. I had to go into task manager and Run explorer.exe manually cause it wasn’t starting despite being running except in the process list.

I scanned using spybot and it came up with 7 entries, which I "fixed" and then still had problems
well spybot is not a good program, it was but not anymore

Try this

Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
always run update before you scan so you have the latest database
click on the remove selected button to quarantine anything found
if anything is found you may post the scan log here

If avast! can't remove then you should try running avast! boot scan
http://sites.google.com/site/spg20scottsweb/home/avast-5-boot-time-scan

Hello alexandermrgn and welcome to the forum.

I know you ran a Custom scan on Avast and you “fixed” it. Did anything run an Avast Full scan and put items into the Virus Chest?

Right now, please check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
· Download free http://www.malwarebytes.org/ for an on-demand scanner.
· Double Click mbam-setup.exe to install the application.
· After install, click update so you have latest database before scanning.
· Under Settings:
o General: Automatically Save File After Scan Completes is checked off
o Scanner Settings: Check all boxes
o Updater: Download and install update if available is checked off
· Once the program has loaded, select “Perform FULL Scan”, then click Scan.
· The scan may take some time to finish, so please be patient.
· When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
· Click the “remove selected” button to quarantine anything found. You will find the infection details under the Quarantine tab.
· The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
· Copy & Paste the entire report in your next reply.

After posting your MBAM report, keep your Avast definitions up to date. You can also perform an Avast Full scan; if anything shows up, put it in the Virus Chest and do NOT delete anything.

Next, check the information on the first post of this thread under Virus/Worms for you to check your machine for malware: http://forum.avast.com/index.php?topic=53253.0.

Follow the directions for obtaining the OTL logs. Post the two (2) OTL logs as attachments (Additional Options > Attach > Browse (the logs will be on your desktop) > Post). We will analyze them and instruct you further.

Please let me know if you have any questions. Thank you.

We both instructed you to run MBAM. :wink:

I do not think you will be able to run the Avast boot scan with your 64-bit machine; this feature will be available in the newer Avast release, which will be out soon.

Please follow the remainder of my instructions, but post your MBAM post first. Thank you.

Running MBAM! :smiley:
I had run it without applying all the settings you asked for the first time so I stopped it halfway to reapply them, but during that halfway it did manage to pick up something nasty blegh Removed it successfully though! Once this proper scan finishes I’ll post a log of what happens, thanks! Also, is it odd that a) my google chrome is dead and b) my internet explorer occasionally refuses to load pages? Also, will my start-up delay problems go away once the virus/ trojan/ worm/ whatever it may be is removed?

I do not think you will be able to run the Avast boot scan with your 64-bit machine; this feature will be available in the newer Avast release, which will be out soon.
yepp, correct, did not notice the 64bit...... ::)
Also, will my start-up delay problems go away once the virus/ trojan/ worm/ whatever it may be is removed?
well you just have to wait and see what happens after the MBAM scan ;)

Well now it’s saying I’m clean even though I know it isn’t. I’ll give it a restart and get right back to you! After 5 various scans I might actually be getting somewhere, good heavens!

Do not reboot…do the OTL log next. Thank you.

Oh…and cut and paste your MBAM log here.

Ehh…a little late on the reboot, I wasn’t sure I had it at all so I’d rebooted into safe mode and I’m in the middle of one more scan, then I’ll get back to you on those OTL logs, nothing yet after 20 minutes but we’ll see. I was looking at things that might seem at all suspicious and…I’m not very well versed in the inner workings of Skype…but does this look right? That’s a heckuva lot of firewall exception for one program.

And as an additional suspicion, where did these two users come from?? They were never there before to my knowledge…and they almost never show up except in a few certain menus. How do I remove them, cause UAC doesn’t list them as existing?
Edit: OTL.txt attached, having trouble attaching Extras.txt for some reason, and I really don’t want to triple post here. I’ll try again though!

Argh, no luck attaching, keeps giving me errors so I’m really sorry for the triple post! I’ve attached extras.txt here because it wouldn’t attach to the previous. Thanks for the help, it’s really appreciated!

Essexboy will look at your logs when he arrives, late uk time

As this is a 64bit system I have few automatic tools that work so I will need to go in baby steps. On completion of this run can you let me know what problems you are having. Also did you set this proxy?
“ProxyServer” = 198.163.152.230:3128

Run OTL

· Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
[2010/10/03 14:00:59 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe

:Files
ipconfig /flushdns /c
C:\Windows\tasks\At*.job

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]

· Then click the Run Fix button at the top
· Let the program run unhindered, reboot the PC when it is done
· Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

All done! I can access my folders again :smiley: Oh happy day! Thank you so much. I definitely did not install a proxy myself, but I am on a University network? (But they didn’t install anything either) Would that be why my Google Chrome still refuses to load any pages? It just sits spinning on a blank page.

OK I will remove the proxy - if it is legit you may need to reset it

Run OTL

· Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE - HKU\S-1-5-21-1923341402-1981331949-2595207276-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 198.163.152.230:3128

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]

· Then click the Run Fix button at the top
· Let the program run unhindered, reboot the PC when it is done

As for Chrome that may need a re-install. Again after this run let me know of any problems
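
The two things the OTL fixes in this thread target, a per-user "ProxyServer" value under Internet Settings and At*.job files in C:\Windows\Tasks, can also be listed read-only before and after a fix. The following is an added example, not part of the thread or of OTL; the function names Get-UserProxySetting and Get-LegacyAtJob are hypothetical, and it assumes an elevated PowerShell prompt so that other users' loaded hives can be read.

```powershell
# Read-only audit (added example): per-user proxy settings and legacy At*.job tasks.
# Nothing here changes the registry or deletes files.

function Get-UserProxySetting {
    # Loaded user hives appear under HKEY_USERS as S-1-5-21-...; the regex
    # skips the matching "_Classes" hives and the built-in service accounts.
    Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object {
            $sid = $_.PSChildName
            $key = "Registry::HKEY_USERS\$sid\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
            $v = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            if ($v) {
                # New-Object is used so this also runs on PowerShell 2.0 (Windows 7 default).
                New-Object PSObject -Property @{
                    Sid           = $sid
                    ProxyEnable   = $v.ProxyEnable
                    ProxyServer   = $v.ProxyServer
                    AutoConfigURL = $v.AutoConfigURL
                }
            }
        }
}

function Get-LegacyAtJob {
    # At*.job files are created by the old "at" scheduler; list them with timestamps
    # so they can be compared against the time the problems started.
    $tasks = Join-Path $env:windir 'Tasks'
    Get-ChildItem -Path $tasks -Filter 'At*.job' -ErrorAction SilentlyContinue |
        Select-Object Name, Length, CreationTime, LastWriteTime
}

# Show only users that have a proxy or auto-config URL set; a value nobody
# remembers configuring is the one to ask about, as was done in this thread.
Get-UserProxySetting |
    Where-Object { $_.ProxyServer -or $_.AutoConfigURL } |
    Select-Object Sid, ProxyEnable, ProxyServer, AutoConfigURL |
    Format-Table -AutoSize

Get-LegacyAtJob | Format-Table -AutoSize
```

A ProxyServer value with ProxyEnable set to 0 is stored but not in use; a value with ProxyEnable set to 1 is what browsers relying on the system proxy will route through.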

None yet! Excellent, thanks so much! I appreciate your time and effort in this matter. I will reinstall Google Chrome at some point in the future, though I have re-discovered Firefox for the moment, huzzah!

Nice ;D

Run OTL and hit the cleanup button and it will disappear like magic