AVG scan detected trojan horses. I did another scan and no threats where found?

Status
Not open for further replies.
Hello everyone. Before I start going off about my problems I thought I should let you know that I am not very "informed" when it comes to computers and viruses etc. And I do not understand alot of the help I've been reading on the web so if you could put any answers as simply as possible that'd be great.

Anyway, I did a virus scan with AVG Anti-Virus 8.0 and the scan detected a number of different Trojans. I am not able to tell you exacally how much and what kind because I have since then closed the scan results. But I do know there where at least 3 trojan downloaders, and then some. Anyway my problem is that I have done another scan with the same program and the results said that I have no threats and no warnings. (save a few cookies, which I am not worried about)
So, my question is does this mean I have nothing to worry about? I am guessing no, because I do know that trojans don't just go away like that. So if someone could tell me how to find out where they have gone and give me and in-depth simplified walkthrough of how to get rid of them it would be greatly, greatly appreciated.

Many thanks in advance.


Okay, I went to the virus vault, (duh) I have one Trojan Horse Generic_c.YSE

One Trojan Horse Downloader.WImad.E

and two Trojan Horse SHeur.CHYN

Please, I need to know how to get rid of them.
 
logs

Hey guys, these are my logs. I hope they are able to help you help me.
took forever :haha:

Anyway, please reply soon, time for bed, thanks.:grinthumb
 

Attachments

  • hijackthis.log
    10 KB · Views: 6
The Mbam logs shows some Trojans removed.

SuperAntisoyware shows a large number of Tracking Cookies. Have SAS remove them. See the images on this site for guidance on the SAS screens: http://superantispyware.en.softonic.com/images
Reset Cookies:
Reset Cookies: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

Update Java:
Your version of Java is now outdated. Java vulnerabilities are commonly exploited by viruses so I strongly recommend you update. Click here to download the latest version of java ( Java Runtime Environment (JRE) 6.0 Update 10 ): http://java.com/en/download/manual.jsp
Please install it and then reboot your computer.

Please re-open HiJackThis and scan.*Check* the boxes next to all the entries listed below
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: ASETRES.EXE>> set audio
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JS...3/&filename=jinstall-6u10-windows-i586-jc.cab
The following - modifies the default IE SearchHook. Some Conduit toolbars are reputed to have a certain adware/trackware functionality. Check to remove.
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll [/QUOTE]

The following indicate that Parental Controls have been set up on this system.- all Windows Vista - Windows Parental Control Related. Have Parental Controls been set up? Do not remove these entries, just verify:
C:\Windows\System32\wpcumi.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
[/QUOTE]
Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot.
into Safe Mode


Start> Run> type in 'msconfig' without quotes> enter> Selective Startup> Startup tab> UNCHECK all processes EXCEPT those for AVG> Apply> OK

Control Panel> Add/Remove Programs> Remove the following if present:
All Java EXCEPT v7u10
Any FreeDownload or Conduit entry
Limewire- this is a file sharing program and as long as you use it, it are going to get malware.
Reboot into Normal Mode. Scan with HijackThis again and attach new log.
 
Status
Not open for further replies.
Back