system
August 17, 2010, 3:12pm
1
Avast found this virus, Win32:Malware-gen, in the Jiao Mpeg Player exe file, so I deleted the program. I scanned again, and now it shows up in another file; the screenshot is attached.
http://img194.imagevenue.com/loc459/th_56890_virus_122_459lo.JPG
I tried to download some .exe files from the Internet; it redirects the page to PAGE UNKNOWN when I click on the .exe files.
From the picture I see that Avast detected the trojan in the System Restore folder, so you can do a full system scan to ensure there is no malware on your system.
Again, if you want to ensure you are safe, do the following:
1. Clear your temp files: http://www.piriform.com/ccleaner
2. Do a Dr.Web CureIt scan: http://www.freedrweb.com/cureit/?lng=en
3. Scan your system for rootkits: http://www.usec.at/rootkit.html THIS MAY LEAD TO A BSOD, SO SAVE YOUR WORK BEFORE DOING THIS STEP
4. Scan with MBAM: http://www.malwarebytes.org/mbam.php
5. Post a Hijack Hunter log in this topic: http://www.novirusthanks.org/products/hijack-hunter/
6. We will provide a cleaning script; you should run it with Threat Killer.
Using Hijack Hunter:
1. After downloading, install the program.
2. From the GUI, press Scan.
3. Post the log here or attach it.
4. The restorer page contains helpful resources to fix policies related
system
August 17, 2010, 4:09pm
3
Below is the MBAM report.
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4439
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
8/17/2010 9:26:18 PM
mbam-log-2010-08-17 (21-26-18).txt
Scan type: Full scan (C:|D:|E:|F:|)
Objects scanned: 164895
Time elapsed: 38 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information_restore{A4AE7D64-E9E9-461A-9910-B0A044949D3D}\RP39\A0028638.sys (Trojan.Agent.Gen) → Quarantined and deleted successfully.
system
August 17, 2010, 4:10pm
4
I scanned with Avast now. It doesn’t show anything now.
I wish your PC is clean now.
You are welcome