Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DELL AVG Scan Overview - Detection - Not Removed


  • Please log in to reply
9 replies to this topic

#1 Jove

Jove

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:08:07 PM

Posted 13 May 2013 - 10:15 AM

Will appreciate your advice on this, maybe it is the cause of (curser sometimes is invisible), like when I am typing here in this post.

 

 

"Whole Computer Scan"
"Medium priority";"2";"1";"1"
"Folders selected for scanning:";"Scan Whole Computer"
"Started:";"5/13/2013, 9:21:57 AM"
"Finished:";"5/13/2013, 9:59:38 AM"
"Total object scanned:";"327067"
"User who launched the scan:";"Jove"

"Status";"Priority";"Name";"Description";"Result"
"Healed";"Medium";"Corrupted executable file";"F:\Documents and Settings\Jove\Local Settings\Application Data\Mozilla\Firefox\Profiles\i217grlm.default\Cache\B9286DEBd01";"Secured"
"Infected";"Medium";"Corrupted executable file";"F:\Documents and Settings\Jove\Desktop\Unused DT-040313\avg_tuh_stf_all_2013_2_24c43.exe";"Infected"
 


When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:07 PM

Posted 13 May 2013 - 07:00 PM

Did you ask AVG to remove those files?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:08:07 PM

Posted 14 May 2013 - 05:34 AM

I'll report that to AVG, . I assume I can do that using the AVG console ?

 

MBAM ? I thought I downloaded a free version Have any idea what will happen after four days ?

1.75.0.1300 Trial 4days remaining
Data Base Version V2013.05.13.08


When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:07 PM

Posted 14 May 2013 - 07:12 PM

MBAM will just become free version which doesn't run in real time.

 

I'm not sure what exactly you want to report to AVG.

I asked if AVG is having any problems with removing what it found.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:08:07 PM

Posted 14 May 2013 - 08:00 PM

AVG Overview

 

"Status";"Priority";"Name";"Description";"Result"
"Healed";"Medium";"Corrupted executable file";"F:\Documents and Settings\Jople\Local Settings\Application Data\Mozilla\Firefox\Profiles\i217grlm.default\Cache\B9286DEBd01";"Secured"
"Infected";"Medium";"Corrupted executable file";"F:\Documents and Settings\Jople\Desktop\Unused DT-040313\avg_tuh_stf_all_2013_2_24c43.exe";"Infected"

 

 

MBAM 051313


2013/05/13 18:18:34 -0400    BOING-417332229    Jople    IP-BLOCK    222.186.57.159 (Type: incoming)
2013/05/13 20:04:25 -0400    BOING-417332229    Jople    IP-BLOCK    222.186.26.56 (Type: incoming)
2013/05/13 22:01:48 -0400    BOING-417332229    Jople    IP-BLOCK    222.186.26.56 (Type: incoming)

 

MBAM 050313

 

Registry Keys Detected: 1
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 772cefb0866ec50337cc6ae85ce66530 -> Quarantined and deleted successfully.

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
F:\Documents and Settings\Jople\Local Settings\Temp\Solid-SavingsUS.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
F:\Documents and Settings\Jople\Local Settings\Temporary Internet Files\Content.IE5\TGIYHNXM\Solid-SavingsUS[1].exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.

This report seems that the infections are in the vault for AVG, but in MBAM, maybe you can tell me ?

 

 

Also how do I know what MBAM is Blocking, doesn't AVG do the same thing I don't think it was running while MBAm was doing the scan ?


Edited by Jove, 14 May 2013 - 08:02 PM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:07 PM

Posted 14 May 2013 - 08:11 PM

"avg_tuh_stf_all_2013_2_24c43.exe" seems to be connected to AVG PC TuneUp and it was scanned before at VirusTotal: https://www.virustotal.com/en/url/907b2fe5fb18d7121ecae2b0d2d13113327625769a23b1264a4e4ba0849c7e88/analysis/

 

What is "Unused DT-040313" folder on your desktop?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:08:07 PM

Posted 15 May 2013 - 06:47 AM

That is a folder for unused desk Top items

 

I did not know that the scan results were Internet accessible, . .

However I am not sure I understand the one posted shows 1 entry

as malware, (high lighted in red), does that pertain to something on my PC ?

 

Thank you !


When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:07 PM

Posted 15 May 2013 - 05:14 PM

No. I think it triggered AVG since the file is in unusual location.

I still don't understand why you're not allowing AVG to fix both items.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:08:07 PM

Posted 15 May 2013 - 05:33 PM

I'll check that for you the information may have originated from the AVG, "fix performance".
 
However going to the virus vault there are 2 corrupted executable files I deleted one, . .
but if you are familiar with AVG, . . what is the difference between delete and Empty Vault ?
 
Edited
///////////////////////////
 
AVG Whole Computer Scan 5/13/13
Object is bigger than maximum allowed size(5MB)
F.Documents and Settings\Jople\Unused DT\avg_tuh_stf_all_2013_2_24c43.exe
Do you really want to remove this object?
 
Possibly this may be the answer you are looking for ?
 
You did ask me before , .what that was.

Edited by Jove, 15 May 2013 - 07:03 PM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:07 PM

Posted 15 May 2013 - 05:36 PM

You delete selected item(s). Emptying vault removes all items.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users