Jump to content

(1) Unable to delete registry key; (2) avastsvc.exe

RebDovid

By RebDovid
in Resolved Malware Removal Logs

 Share

Recommended Posts

RebDovid

RebDovid

Posted
Posted

Malawarebytes Pro identifies two problems with my relatively new Windows 8.1 64-bit system: one is a PUP registry key that cannot be removed. The other is the blocking ports associated with avastsvc.exe. Any help explicating these two issues and resolving them will be appreciated.

 

TIA

 

First, Malwarebytes Pro finds one PUP, a registry key, that it's unable to delete, as I've confirmed by trying several times. The key is:

 

Registry Values Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\David\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun.

 

 

Here's the complete log:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org
 
Database version: v2013.11.23.05
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16438
David :: DAVID-PC [administrator]
 
Protection: Enabled
 
11/23/2013 2:00:03 PM
MBAM-log-2013-11-23 (14-03-29).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214131
Time elapsed: 3 minute(s), 7 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\David\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
Second, Malwarebytes Pro also appears to be blocking outgoing ports relating to avastsvc.exe. A sample log is attached, here I've extracted the entries showing avastsvc.exe:
 
2013/11/23 00:05:51 -0800 DAVID-PC David IP-BLOCK 93.114.44.238 (Type: outgoing, Port: 55595, Process: avastsvc.exe)
2013/11/23 00:05:52 -0800 DAVID-PC David IP-BLOCK 93.114.44.238 (Type: outgoing, Port: 55596, Process: avastsvc.exe)
 
2013/11/23 00:20:10 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56585, Process: avastsvc.exe)
2013/11/23 00:20:10 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56586, Process: avastsvc.exe)
2013/11/23 00:20:26 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56644, Process: avastsvc.exe)
2013/11/23 00:20:26 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56645, Process: avastsvc.exe)
2013/11/23 00:25:14 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56961, Process: avastsvc.exe)
2013/11/23 00:25:14 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 56962, Process: avastsvc.exe)
2013/11/23 00:27:22 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 57176, Process: avastsvc.exe)
2013/11/23 00:27:22 -0800 DAVID-PC David IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 57177, Process: avastsvc.exe)
 
2013/11/23 08:19:08 -0800 DAVID-PC David IP-BLOCK 178.132.201.26 (Type: outgoing, Port: 58807, Process: avastsvc.exe)
2013/11/23 08:19:08 -0800 DAVID-PC David IP-BLOCK 178.132.201.26 (Type: outgoing, Port: 58808, Process: avastsvc.exe)
 
2013/11/23 09:24:26 -0800 DAVID-PC David IP-BLOCK 162.210.192.9 (Type: outgoing, Port: 60835, Process: avastsvc.exe)
2013/11/23 09:24:26 -0800 DAVID-PC David IP-BLOCK 162.210.192.9 (Type: outgoing, Port: 60836, Process: avastsvc.exe)
2013/11/23 09:33:38 -0800 DAVID-PC David IP-BLOCK 162.210.192.9 (Type: outgoing, Port: 61065, Process: avastsvc.exe)
2013/11/23 09:33:38 -0800 DAVID-PC David IP-BLOCK 162.210.192.9 (Type: outgoing, Port: 61066, Process: avastsvc.exe)

 

 

protection-log-2013-11-23.txt

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello RebDovid and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites
RebDovid

RebDovid

Posted
  • Author
Posted

Hello RebDovid and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

 

Indeed, I am a paying customer and would be happy to contact the help desk at Customer Support. It's just I don't know what to put down as my order number. I bought Malwarebytes Pro through Newegg. Should I enter the activation code ID? the Key? My invoice number from Newegg? Something else.

Link to post
Share on other sites
  • 3 weeks later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.