Virus/trojan? Help please

aaroncaz

Did start this on another thread.

Went on Thomas Cook last night, Avast said it had a trojan, did scan 4 found:
HTML:Iframe-QH [Trj]

Avast then did boot time scan? and 59 threats found, I think i sent them to the chest( am never sure what action to take) When I look at log all that it shows is 23 threats same as above. This morning tried Thomas Cook again, seemed ok did another Avast scan and it said I had:

Win32:Malware-gen.
I can't see how to copy and paste Avast logs. Am running Malware now.

waddler_8

As I said in the other thread, the corrupted files are probably ok. They are most likely archives that avast can't unpack to be able to scan.

What exactly is Avast detecting as Win32:Malware.Gen? Give the full path and filename.

EG.

C:\directory\folder\sub folder\filename.ext

Generic detections (.Gen) can be prone to false positives.

aaroncaz

waddler_8 wrote: »

As I said in the other thread, the corrupted files are probably ok. They are most likely archives that avast can't unpack to be able to scan.

What exactly is Avast detecting as Win32:Malware.Gen? Give the full path and filename.

EG.

C:\directory\folder\sub folder\filename.ext

Generic detections (.Gen) can be prone to false positives.

Thanks How do ~I find the full path and filename please?

waddler_8

It should show in scan computer > scan logs > view results?

Drag the separating bar to the right between file name & severity.

aaroncaz

c\users\carol\appadata\...(upx)

Is this what you mean? couldn't copy and paste.

waddler_8

Yes. that's right - What's the actual filename?

It looks as though it's being detected because it's packed with UPX.

aaroncaz

c\users\carol\appadata\local\temp\icreinstall_facemoods(1)exI>(UPX)

waddler_8

Facemoods. Nothing much really to worry about.

https://www.virustotal.com/file/5f20b5e68ef5e41870c659912a1f57a9923d685283c7f13a11fd7edfb56820fb/analysis/

http://www.threatexpert.com/report.aspx?md5=be82e1ecd89b0829c3e73bfc3369c850

http://facemoods.com/facemoods_for_Facebook

aaroncaz

Thank you! Am just finishing Malware scan then shall post it up but it's showing no threats so far. I don't know what I would do without the expert help on here!!:T

Is it "safe" to go Thomas Cook then:o

waddler_8

Yes, it looks as though it is.

Do this - it should take 2-3 mins.

Download DDS from the link below and save it to your desktop:

Link

After you've downloaded it and saved it to your desktop:

• Double click DDS to run it.
• When it's finished, DDS will open two logs:

1. DDS.txt
2. Attach.txt

Save both reports to your desktop.

Copy & paste the contents of just attach.txt for now and post it here (you may need to split the log over separate posts)

aaroncaz

Malwarebytes Anti-Malware 1.61.0.1400
https://www.malwarebytes.org

Database version: v2012.06.24.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
carol :: CAROL-PC [administrator]

24/06/2012 09:09:01
mbam-log-2012-06-24 (09-09-01).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 324194
Time elapsed: 1 hour(s), 31 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)