Avast problem, virus, or paranoia?

Howdy, XPSP3 here with Avast and Comodo firewall (both free).

Started experiencing some small issues within the past week - Comodo seemed to be freaking out occasionally and eating up lots of CPU. Probably about a week before this I DID get a virus in an email that Avast "caught" (it was never opened - Avast noticed it and "took care of it" when it came into my inbox). Now, I might be being paranoid but I feel like I should have run the scans at that point, but alas I did not.

Anyways, Comodo starting acting wonky and then I swear Avast prompted me to update to Version 7 a couple days ago (which I thought was successful) - since then my system has been working hard and last night the wireless connection went nuts and the system locked several times.

Finally was able to get the scan programs copied over from a DVD but I couldn't get any updates (though my wireless connection was saying all was ok!)...so, I went through a system restore to back before I got the email...i know this won't remove a virus - I just needed to get some functionality and internet back.

After this I was able to run the scans but Avast was showing a problem - service stopped working and it wouldn't allow me to restart it. This may have interfered with my Combofix scan, so I uninstalled Avast and finished running Combofix (a second time), RR, and MGtools without an AV installed.

Finished by installing the latest version of Avast and things seem to be running smoothly again. I'm no expert but I didn't see anything crazy pop up in/during my scans so maybe this was all just a scare caused by a problem with Avast - maybe not.

Please check my logs when you get a chance just to assuage my fears! I'm most concerned because I was finishing my taxes yesterday and using my debit card online for that before this happened and I'm a bit worried about whether my financial info could have been compromised!?!

Thanks for all that you folks do here at MG.

PS: Please note that I have attached both my combofix logs - 4-17-2012-2 being the one run after I removed Avast.

 

RR and Mgtools logs attached. Thanks again!

 

Hello insan_art,

These logs are about as clean as you can get

Here are a couple of things you can do though:

From Add/Remove Programs (via Control Panel), please uninstall the below:

• Java(TM) 7 Update 1 (outdated)

Now install the current version of Sun Java from: jre-7u3-windows-i586.exe

__

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
3. Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis if it present
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.

Be safe

 

Hi thisisu, thanks for your reply. Yes, I'm sorry, I meant to say something about Java - the update link within the cleaning procedure instructions is outdated - It took me to a link for Java 6 vers. 30 (or maybe 31?). I browsed my add/remove and noticed I had Java 7.1 so I just left it at that since I was in a hurry and didn't have time to look up what the newest version actually was...I apologize for that. I will update Java and finish the "final steps".

Hmmm...I'm wondering if there isn't an issue with Comodo. As I said I reinstalled Avast and that seems fine now, but this morning I still had internet connectivity problems and Comodo hung when I tried to open it (and it's service .exe hung when I tried to restart). After the restart everything seems fine again. Have you guys seen any problems with Comodo popping up recently??

I will look into this more with a post in your software forums or maybe Comodo forums.

Thank you for the clean report! That makes me feel *much* better - it's probably just my poor old laptop.....she needs a fresh OS install really bad.

Thanks again! I <3 you guys (and gals!)...

 

Not really. If there are they would be posted in the Software forum.

You're welcome