Greetings,
I keep receiving this message evertime I boot up. I have run full scan severale and boot time scans. It always finds the problem and blocks but cannot remove it. I am running Vista 64.
Detailes message from avast. Malware blocked
Object c:\windows\assembly\tmp\u\800000cb.@
Infection Win32:Malware-gen
Action: moved to chest
process: c:\windows\system32\csrss.exe
Any help would be appreciated.
Could you follow the steps here http://forum.avast.com/index.php?topic=53253.0 and post the resultant logs
Sorry about that. Here there are. Thanks Glenn.
On completion of this run can you let me know if the alerts persist… I also notice that Norton is running multiple drivers on your system, this could cause problems
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = File not found:Files
ipconfig /flushdns /c
c:\windows\assembly\tmp:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
That seemed to fix it.
Any other problems ?
None. Thanks for your help.
Run OTL and hit he cleanup button to remove it and the quarantined files ;D