Win32 Virus

Hello,

Avast detected Win32:Adware-gen [Adw] the other day and moved it into the virus chest; there is also Win32:Evo-gen [Susp] in the chest as well from a couple months ago.

I ran Avast again yesterday, and it detected nothing.

I noticed that a few programs got updated on the computer so I ran all the programs again today. The logs attached are from the most recent scan. I also still have the logs from the scans from a day or so ago; I believe Malware moved some files into quarantine on the earlier scan.

aswmbr.exe froze up after about 5 minutes, 3 times in a row, so that is why no log from that is attached.

I just want to make sure that the viruses are taken care of, and the machine is good to go. Also, should I leave them in the virus chest or delete them?

Much thanks in advance.

When in doubt, you are better off leaving them there in case it is a file that is vital to running your system. What are the names of these files in the Chest and the location?

Have you re-scanned the files in the Chest to see if they are still infected or not?

Please refer to this post https://forum.avast.com/index.php?topic=53253.0 and follow the directions. ATTACH the logs requested:

  • MBAM
  • Farbar Recover Scan
  • aswMBR.exe (if you cannot run it, it’s OK)…that means something may be wrong.

After posting your logs, do not make any changes to your machine. A Malware Removal Specialist will review your logs and give you further instructions. They come on the forum at different times, so please be patient. Thank you.

File Name: FusDeviceManager.dll
Location: C:\Users\Jess!\AppData\Roaming\VERIZON\PluginModules
Re-Scanned: – no virus –

File Name: avg8fupg.exe
Location: C:\Users\Jess!\Desktop\Dell computer files\JESS-PC\Users\Jess!\Desktop\unneccessary files
Re-Scanned: Win32:Adware-gen [Adw]

Logs are in the first post, and thank you.

Just a few orphans is all that I can see :)

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on “Clean”.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Sorry for the lag in reply, was at work when I saw your post!

Logs are attached.

Thanks!

Looking good, any apparent problems?

Computer is booting up pretty slow, but I was going to run a defrag and check for errors. Other than that, seems good.

OK, after you have defragmented the drive let me know how it is, and if it is OK I will tidy up.

Still really pretty slow. The computer used to pop from booting up, to login screen, to logged in fairly quickly. I also scanned for errors if that makes any difference.

Thanks!

To speed up the boot process you can try xbootmgr

Download the SDK web installer from here
Run the installer and select the following:

Leave the location to default

https://dl.dropbox.com/u/73555776/wdk%20location.JPG

Windows Performance Toolkit

https://dl.dropbox.com/u/73555776/Wintoolkitselect.JPG

You must reboot on completion of the install

After reboot set aside about 30 minutes when you will not need the computer

When ready, start an elevated command prompt:

Go Start > All Programs > Accessories
Right click Command Prompt and select Run as Administrator

Then copy and paste the following command into the black box:

xbootmgr -trace boot -prepSystem -verboseReadyBoot

https://dl.dropbox.com/u/73555776/sdk%20command.JPG

Now your PC will be restarted 6 times, with a two-minute pause before the tool runs after the desktop loads.
After the second reboot the MS defragmentation program is running and is placing the files into an optimized layout, so that Windows will boot up faster.
The last reboots are training of ReadyBoot. After the training is finished, you’ll notice a huge improvement in startup.

Readyboot

The logical prefetching described above is used when the system has less than 512MB of memory. If the system has 700MB or more then an in-RAM cache is used to further optimize the boot process (it’s not clear from the book whether or not this ReadyBoot cache completely replaces the logical prefetching approach or just builds on it, my assumption is that both work together). After each boot the system generates a boot caching plan for the next boot using file trace information from up to the five previous boots which contains details of which files were accessed and where on the disk they were located. These traces are stored as .fx files in the

Looks better so far, will boot up again here shortly. Other than that, everything seems good!

Thanks much for your help!