Avira Antivir flags "TR/2ndThought.AA.2 [trojan]"

#1 allbread


Posted 10 May 2010 - 10:31 PM

Virus or unwanted program 'TR/2ndThought.AA.2 [trojan]'
detected in file 'C:\WINDOWS\Temp\CB228.tmp.

This happens a couple times a day - usually there are three subsequent detections and then nothing for a couple hours.I use this box essentially as a media server and it has some DVR recording hardware/software installed as well (BeyondTV, DaemonTools, Slysoft AnyDVD etc).

What worries me most is that the file generated always has a different hex-based name and on occasion has been a .exe (in C:\WINDOWS\Temp\CB228.exe for example)...

I have run hijackthis and have captured the following logfile:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:13:17 PM, on 5/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Vidalia Bundle\Polipo\polipo.exe
C:\Program Files\MRAID\ArcHTTP\ArcHttpSrvGUI.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVAgent2.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVSettingsService.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVTaskManagerService.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVNetworkService.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVSchedulerService.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVRecordingEngine.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVRecordingEngine.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SnapStream Media\Beyond TV\BTVRecordingEngine.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

EDITED HJT log~~boopme
Any advice would be much appreciated.


Edited by boopme, 10 May 2010 - 10:55 PM.

#2 boopme


Posted 10 May 2010 - 10:54 PM

Hello are you are running Comodo Firewall and antivirus and Avira antivirus. I am suspecting a conflict and False Positives. I suggest you uninstall the Comodo A/v portion,retaining the firewall.
#3 allbread

Posted 11 May 2010 - 02:24 PM

I do have Comodo installed - I will remove the A/V and see if this remedies the issue.


