TechSpot

AVG scan detected trojan horses. I did another scan and no threats where found?

By s1ranger
Nov 5, 2008
Topic Status:
Not open for further replies.
  1. Hello everyone. Before I start going off about my problems I thought I should let you know that I am not very "informed" when it comes to computers and viruses etc. And I do not understand alot of the help I've been reading on the web so if you could put any answers as simply as possible that'd be great.

    Anyway, I did a virus scan with AVG Anti-Virus 8.0 and the scan detected a number of different Trojans. I am not able to tell you exacally how much and what kind because I have since then closed the scan results. But I do know there where at least 3 trojan downloaders, and then some. Anyway my problem is that I have done another scan with the same program and the results said that I have no threats and no warnings. (save a few cookies, which I am not worried about)
    So, my question is does this mean I have nothing to worry about? I am guessing no, because I do know that trojans don't just go away like that. So if someone could tell me how to find out where they have gone and give me and in-depth simplified walkthrough of how to get rid of them it would be greatly, greatly appreciated.

    Many thanks in advance.


    Okay, I went to the virus vault, (duh) I have one Trojan Horse Generic_c.YSE

    One Trojan Horse Downloader.WImad.E

    and two Trojan Horse SHeur.CHYN

    Please, I need to know how to get rid of them.
  2. s1ranger

    s1ranger Newcomer, in training Topic Starter

    logs

    Hey guys, these are my logs. I hope they are able to help you help me.
    took forever :haha:

    Anyway, please reply soon, time for bed, thanks.:grinthumb

    Attached Files:

  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    The Mbam logs shows some Trojans removed.

    SuperAntisoyware shows a large number of Tracking Cookies. Have SAS remove them. See the images on this site for guidance on the SAS screens: http://superantispyware.en.softonic.com/images
    Reset Cookies:
    Update Java:
    Please re-open HiJackThis and scan.*Check* the boxes next to all the entries listed below
    The following - modifies the default IE SearchHook. Some Conduit toolbars are reputed to have a certain adware/trackware functionality. Check to remove.
    R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll [/QUOTE]

    The following indicate that Parental Controls have been set up on this system.- all Windows Vista - Windows Parental Control Related. Have Parental Controls been set up? Do not remove these entries, just verify:
    C:\Windows\System32\wpcumi.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    [/QUOTE]
    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot.
    into Safe Mode


    Start> Run> type in 'msconfig' without quotes> enter> Selective Startup> Startup tab> UNCHECK all processes EXCEPT those for AVG> Apply> OK

    Control Panel> Add/Remove Programs> Remove the following if present:
    Reboot into Normal Mode. Scan with HijackThis again and attach new log.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.