Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

ASC PUP detected by Avast 5.0 !!


blacksea

Recommended Posts

Interesting!

 

If you look at the object and the process they would appear to be unrelated!

 

Would appear your machine has an infection: http://www.threatexpert.com/files/mirc.exe.html

 

Or not! This is also a windows file!

 

Probably associated with a startup application. Can you post hijack log please BlackSea?

 

Also suspicious is the named file location Program files / Mirc.

I agree with Pyrath below. Have you downloaded a software that could modify your system to make it faster for chat/streaming? Just asking that's all... trying to eliminate the possibilities!

 

I also agree with detailer... it could be a false positive.

Link to comment
Share on other sites

mirc.exe is a process belonging to the mIRC Internet Relay Chat utility which allows you to connect to Internet based servers. This is a non-essential process. Disabling or enabling it is down to user preference.

 

 

Across all ThreatExpert reports, the file "mirc.exe" was mostly identified as a threat.

Link to comment
Share on other sites

If you look at the object and the process they would appear to be unrelated!

 

Would appear your machine has an infection: http://www.threatexpert.com/files/mirc.exe.html

 

Or not! This is also a windows file!

 

Probably associated with a startup application. Can you post hijack log please BlackSea?

 

Also suspicious is the named file location Program files / Mirc.

I agree with Pyrath below. Have you downloaded a software that could modify your system to make it faster for chat/streaming? Just asking that's all... trying to eliminate the possibilities!

 

I also agree with detailer... it could be a false positive.

 

Here is my hijack result.

 

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 17:58:09, on 23-1-2010

Platform: Windows XP (WinNT 5.1)

MSIE: Internet Explorer v6.0 (6.0.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\program files\steam\steam.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\alg.exe

C:\Documents and Settings\Akcay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Akcay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Akcay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Documents and Settings\Akcay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\svchost.exe

C:\Documents and Settings\Akcay\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AcroIEHelperStub - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60

O4 - HKLM\..\Run: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253299216203

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2service.exe

O23 - Service: (Ati HotKey Poller) - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

 

Yes, I use that program for a game I play named Counterstrike:Source. With mirc we can look for other players who want to have a 'clanwar'. It's commonly used by CS:S players.

 

Blacksea

Link to comment
Share on other sites

Aside

 

I wanted to uninstall Avast 5.0 and then reinstall it. I wanted to uninstall it with the uninstaller of ASC. Then suddenly this Popup came from Avast.

 

Aside: I am certainly no expert and this has probably nothing to do with the problem above but.....

It seems Avast was still runnuing when you tried to un-install it ?

I would guess that any good security software would rightfully protect itself and should be completely shut down before trying to un-install it :?:

 

All the best, woz of oz

Link to comment
Share on other sites

Aside: I am certainly no expert and this has probably nothing to do with the problem above but.....

It seems Avast was still runnuing when you tried to un-install it ?

I would guess that any good security software would rightfully protect itself and should be completely shut down before trying to un-install it :?:

 

All the best, woz of oz

 

Hi woz of oz,

 

I was just at the point to uninstall it. I opened the uninstaller of ASC and then suddenly that popup came appear.

Link to comment
Share on other sites

Aye Woz!

 

Agreed that Avast must completely be shut down before uninstall!

 

The popup you had is to be ignored!

 

As Woz advises make sure all Avast apps are shut down before uninstall.

 

I'm not sure if the log you posted came after you sucessfully removed and then reinstalled or not. I can only recognize avast entries upon a look but can't tell (as the same, with many softwares they are carried over from one to the next).

 

At the time of your log post... Avast was alive and running in your system. If it was the one you were originally trying to remove... Then shut it down completely... then reinstall!

Link to comment
Share on other sites

You helped me alot!

 

Agreed that Avast must completely be shut down before uninstall!

 

The popup you had is to be ignored!

 

As Woz advises make sure all Avast apps are shut down before uninstall.

 

I'm not sure if the log you posted came after you sucessfully removed and then reinstalled or not. I can only recognize avast entries upon a look but can't tell (as the same, with many softwares they are carried over from one to the next).

 

At the time of your log post... Avast was alive and running in your system. If it was the one you were originally trying to remove... Then shut it down completely... then reinstall!

 

In all my threat I noticed your big help for me. I thank you for that. And also all other and administrators! :-D

 

Cheers

Blacksea.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...