Posible virus/spyware

Faolchu

GUys

last night AVG poped up a warning for VBS/Small it listed a file form dell and looking into it this seems to be a false positive coz if i manually scan the folder nothing is found.

so I went to the sicky and ran through the steps.

Ran Malwarebytes and superantispyware i found some cookies and a browser hijacker which i had it remove.

Ran a Trend Housecall and it turned up nothing either.

now Malwarebytes keeps poping up telling me its either blocking outgoing or incoming potential hameful websites and it gives me the IP.

ASJ112

logs look fine, more than likely its a false positive by AVG


don't suppose you have a log from AVG ?

Faolchu

nothing from AVG havent run a complete scan in a few weeks, I'll let it do a system scan over night and post up any logs. thanks for looking at them.

any idea why malwarebytes would be saying its blocking outgoing to possible malicious websites?

ASJ112

Ran Malwarebytes and superantispyware i found some cookies and a browser hijacker which i had it remove.

Got a log for whatever found the browser hijacker ?


Probably a FP by MBAM, what is the IP it gives you

Faolchu

superantispyware caught it but i think it may have been a falso positive coz all it actually found was a URL in a backup of my favorites form an old PC. it wasnt actually running/installed I've attached the log.


AVG doesnt seem to give a comprehensive log that i can see but after running a full scan it displayed this:

Scan "Whole computer scan" completed.No infection was found during this scanFolders selected for scanning:;"Whole computer scan"Scan started:;"24 July 2011, 21:03:39"Scan finished:;"24 July 2011, 21:28:02 (24 minute(s) 23 second(s))"Total object scanned:;"1126752"User who launched the scan:;"user"

Malwarebytes protection log is also attached:

there's a bunch of IPs each time its saying something like "blocking access to potrntially malicious web page" then its says "outgoing: IP address" or "incoming: IP Address" but it doesnt happen all the time though. like now for instance no notification when on boards but the missus got one when on youtube earlier.

ASJ112

I wouldn't worry bout it, but if you want a definitive answer I would post here about it

http://forums.malwarebytes.org/index.php?showforum=42

Faolchu

ok cool most probably false positives coz i dont get them all the time. thanks for the assist

ikeano29

in registry. (back up first)

go to start, run, type regedit.exe, hit return and find and delete these>>>>

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ XTray.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN XTray.exe

John.Icy

This is something I experienced, the same date I believe. It popped up, the vbs/small warning on AVG. Of course, I ran a manual scan on AVG, nothing. I downloaded Ad Aware and did a scan with that too, nothing. Just to be safe, I system restored to the day previous, scanned with both again, nothing.

Am I in the clear and this was this false positive, or is there more that meets the eye?

Any opinion greatly appreciated.

EDIT: Done a scan with Malwarebytes free edition, 32 infections/threats spread over regristry and someone files..main one was the Funweb one, quarentined and removed all 32, restarted, rescanned, all clear this time. What next? Shall I do he OTL and will someone be able to tell me if it's clear, or if I'm still infected, hope someone knows. Cheers.