Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

AVG scanner help please

by sham1313 Nov 6, 2008 11:34AM PST

I think this is where I should start this question. there is no virus it always says that but a lot of times this morning while trying to search for certain things on the web. it say I need teg help if I want these sites to be accepted by the avg.

Infection type virus name PUP potentially harm full programwinfixer.avk
path to file C:/user/hamm/RegCleaner.dill I sent it to be analysis. at one time I was going to try flock as my browser when avg goes to pull up a page it pull up flock browser. altho I have not really tried it yet. my husband says he is sure flock is what made his old computer not work any more. any way when flock page come up at 1st it said a infection and i tried to heal it because I thought it was and important file. the infection said warning found tracking
cookies.2.7 path to file C:/user/hamm/AppData/Roaming

these things keep poping up while on this avg while using IE 7
Infection list
File Name C:/users/hamm/AppData/ Roaming/Microsoft/windows/cookies/hamm@fastclick detected on open
2File Name C:users/hammAppData/Roaming/Microsoft/windows/cookies/hamm@double(1)txt
thread name found tracking cookies double click detected on open
then I started a scan And it said File HKU/S-5-21-2221848310-463687312868132636-1000/SOFTwa... Result/infection FOUND ad Rogue Suspect it has four thing in the vault not sure if you want me to write them down or not. if you do let me know and I well try to copy every letter and number right like I did above. after the scan even the 4 items in the vault said they had no virus that the computer was virus free every two or three pages things begin to pop up saying found threat with click ignore remove I don't want want to delete because I think it is and important file. I have to keep clicking ignore to even keep typing on this page. this is a hp computer with windows vista and I know very little about computer. if you need any more computer information or if I need to type you what is being healed in my virus vault just let me know and I well do it.
thanks sham1313

Discussion is locked

16 Posts
- Collapse + Expand Details
- Collapse -
I would suggest........
by Marianna Schmudlach Nov 6, 2008 2:08PM PST

Please download Malwarebytes Anti-Malware or alternate download link

* Make sure you are connected to the Internet.
* Double-click on Download_mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
* - Update Malwarebytes' Anti-Malware
* - Launch Malwarebytes' Anti-Malware
* Then click Finish.
* MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

* On the Scanner tab:
* - Make sure the "Perform Quick Acan" option is selected.
* - Then click on the Scan button.
* The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.
* Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

* -- Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

What does the scanner find?

- Collapse -
I did what you what you said but i am a bit confused
by sham1313 Nov 6, 2008 11:12PM PST

Malwarebytes Anti-Malware
is this a virus scanner? if it is I have paid over $70.00 for an AVG scanner and on my old computer it get me from getting any virus. and when I had that trouble it had warning but said it had no virus I thought they were important files and did not want to remove them. when this malwarebytes did it scan I saw they were not important files so I let them be remove. Mine computer seem to be fine so not sure what happen. thanks sham1313

- Collapse -
I forgot
by sham1313 Nov 7, 2008 10:05PM PST

this is not all but I forgot to write all it found for you but this is a bit of what it found. thanks sham1313

Infection type virus name PUP potentially harm full programwinfixer.avk
path to file C:/user/hamm/RegCleaner.dill
cookies.2.7 path to file C:/user/hamm/AppData/Roaming
File Name C:/users/hamm/AppData/ Roaming/Microsoft/windows/cookies/hamm@fastclick detected on open
2File Name C:users/hammAppData/Roaming/Microsoft/windows/cookies/hamm@double(1)txt

- Collapse -
MBAM
by Marianna Schmudlach Nov 8, 2008 4:23AM PST

Malwarebytes Anti Malware (MBAM)is a malware scanner and is FREE.

Did you let MBAM delete whatever it found?

Maybe you could update and run MBAM again and post the MBAM log, so we can see IF it deleted everything.

- Collapse -
I have run both twice
by sham1313 Nov 8, 2008 4:46AM PST

the free one you ask me to download and the paid avg one. both found nothing. On my old computer I had the free avg virus scanner and it stop all virus that attracted it. so I thought the paid version of avg would do the same for the new one. it is the only time I ever paid for a virus protector. thanks for your help. sham1313

- Collapse -
Both scanners clean.......
by Marianna Schmudlach Nov 8, 2008 5:53AM PST

keep MBAM for malware scanning, updates are almost every day !

You also could download and install..... to prevent malware:

SpywareBlaster

Why SpywareBlaster? Spyware, adware, browser hijackers, and dialers are some of the most annoying and pervasive threats on the Internet today. By simply browsing a web page, you could find your computer to be the brand-new host of one of these unwanted fiends!

More and download: http://www.javacoolsoftware.com/spywareblaster.html

Is also FREE.

- Collapse -
I went to the log+
by sham1313 Nov 8, 2008 10:56PM PST

I remembered I could fine out from the log what all it found witch this is a copy paste of what it found. then wanted to ask you this I was told having two virus protected on a computer at the same time was bad on a computer because they could con-flick witch each other? also before I download the other thing you ask. when I try to do and update
Malwarebytes' Anti-Malware it trys but the line that tell you when it is finished never start. so I can not updated. I try to use certain words when I write because I am a bad speller and some times people have a hard time understanding me. thanks sham1313


Malwarebytes' Anti-Malware 1.30
Database version: 1371
Windows 6.0.6001 Service Pack 1

11/7/2008 6:29:43 AM
mbam-log-2008-11-07 (06-29-43).txt

Scan type: Quick Scan
Objects scanned: 44057
Time elapsed: 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{c24d7016-d00f-41ef-9781-984b6b5ff38f} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ec88fcd0-2ed5-4d65-9b4c-71d146b43a2e} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e532cfb1-5edd-4663-8c22-bcd67b5e5bd4} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\System32\ConTest.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\System32\SysRestore.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Ascentive (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Ascentive\Performance Center (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Files Infected:
C:\Windows\System32\ConTest.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
C:\Windows\System32\SysRestore.dll (Rogue.AscentivePerformance) -> Quarantined and deleted successfully.
C:\Program Files\Ascentive\Performance Centertemp.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Ascentive\Performance Center\GUID (Rogue.Multiple) -> Quarantined and deleted successfully.

- Collapse -
MBAM
by Marianna Schmudlach Nov 9, 2008 12:06AM PST

Hi,

the MBAM log shows it "Quarantined and deleted successfully" all the infections.

Are you running 2 Anti Virus programs? Which ones? Indeed, it is NOT wise to have 2 Anti Virus programs on your computer as they can conflict.

Could you do me a favor and run Malwarebytes Anti Malware once again, only to see IF it comes up clean. Pls. c\p once again the MBAM log. Thanks.

- Collapse -
yes I am running now
by sham1313 Nov 9, 2008 12:36AM PST

see when I wrote you the 1st time I said I had A virus scanner that is called AVG witch is one I use to use on My old computer, but it was a free version and it kept the old computer from ever getting a virus. so I thought the paid version would take care of this new one that is under a year old. I was just doing a search for buying preban Ivory and some think came up witch started downloading another windows virus protector because of a virus popping up I tried to stop it witch I think I did from downloading then I started the virus scanner you said to download I am waiting for it to finished while I type this to you. I have the bought paid for avg scanner and the one you said to download. not sure what I sure what i should do now. I am wont be able to be on the computer much today. so I hope if that virus is still here it get put in the vault and taken care of. thanks sham1313

- Collapse -
Malwarebytes is NOT an........
by Marianna Schmudlach Nov 9, 2008 12:45AM PST

Anti Virus program but an Anti MALware program. If I understand you correctly, you have the paid version of AVG and Malwarebyte Anti Malware now on your computer...... correct? So, that is one Anti Virus and one Anti Malware program.

- Collapse -
I understand now
by sham1313 Nov 9, 2008 2:47AM PST

I thought Malwarebites was a free version of another virus scanner. I know that is wrong now. it is a diiferent program that help your computer from getting a virus. this is what I got last time from running malwarebites.
Malwarebytes' Anti-Malware 1.30
Database version: 1375
Windows 6.0.6001 Service Pack 1

11/9/2008 10:31:59 AM
mbam-log-2008-11-09 (10-31-59).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 180622
Time elapsed: 1 hour(s), 33 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
then I run my avg and it put 3 files in the vault I can fine where to click to copy the 3 infected files to send you. should I hand copy those 3 files and send you. well try to check back soon. both times this virus came up when I was doing a google search for preban ivory for sale. I think some one is sending the virus to these site.
thanks sham1313

- Collapse -
AVG and vault.....
by Marianna Schmudlach Nov 9, 2008 2:57AM PST

Good job ! Malwarebytes Anti Malware came up clean - Super !

AVG - could you pls. have a look what is in the VAULT of AVG??

What are the names? Leave everything in the AVG vault for now !

- Collapse -
I did like you ask
by sham1313 Nov 9, 2008 8:58AM PST

and it is clean. thank you! sham1313

- Collapse -
(NT) Congratulations - GREAT Job !!
by Marianna Schmudlach Nov 9, 2008 10:00AM PST
- Collapse -
this is what you ask me to do
by sham1313 Nov 9, 2008 3:39AM PST

but I dont understand why I could not write reply to the last post you sent me. virus names there our 3. 1. virus found fake alert 2. trojan horse downloader Zlob_r.DX 3. virus found fake alert. and they all three our still in the vault. thanks sham1313

- Collapse -
Reason: You for sure saw....
by Marianna Schmudlach Nov 9, 2008 3:54AM PST
Note: Due to the depth of this discussion thread, no additional replies can be accepted for this post. If you have comments to make, please reply to the original post at the beginning of this thread.

So, you did good to reply to the original post Happy

virus names there our 3. 1. virus found fake alert 2. trojan horse downloader Zlob_r.DX 3. virus found fake alert. and they all three our still in the vault.

o.k. you can DELETE those entries from the vault. Reboot your computer
and run AVG again........... does it come up clean?

IF YES........ then pls. make a NEW restore point !

then follow this procedure:

Start/My computer/ C: properties disk clean up
select More options
Delete all old SR points except the latest.
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info