Hi all, been using avast for a while and love it, but this is the 2nd time this has happened, need help ???
Jan. avast detected a virus while outlook was loading ;Outlook hadn’t even opened yet. I instructed avast to just delete, which it did. looked thru log and could not find anything relating to it, as it appeared to delete it before it even loaded I “assumed” it wasn’t a problem. several hours later I got the blue screen of death. OK now you say coincidence right! Well, it just happened again last night
What is happening? it’s not even showing in log there is a virus/Trojan etc. Is avast removing the problem? and if so is it corrupting files while doing it? Doesn’t seem to make sense if avast stopped it from loading. What am I doing wrong???
Sorry I’m my panic when the blue screen crash I called Dell tech support and they started walking me thru everything so I didn’t save anything except:
windows/system/config/system missing or currupted
But like I said right after avast detected (trojan)? what was printed in the warning, and after I instructed avast to delete (thinking it was deleting the email) as outlooked haden’t even finished loading yet, I could not find any files in advast or anywhere else relating to the incedent? Is there anywhere you can suggest I look?
Sorry In my panic when the blue screen crash I called Dell tech support and they started walking me thru everything so I didn’t save anything except:
windows/system/config/system missing or currupted
But like I said right after avast detected (trojan)? what was printed in the warning, and after I instructed avast to delete (thinking it was deleting the email) as outlooked haden’t even finished loading yet, I could not find any files in advast or anywhere else relating to the incedent? Is there anywhere you can suggest I look?
This is an update, I been tunning Avast for the past 3 hours it indicated the virus! which I came from outlook in the advast file : win32:diehard-D (trj)
Problem is that although I moved it to chest during scan, when scan was completed log indicated it could not be moved to chest :
error occured during moving file to chest. The operation is not supported for this type of archive. ???
Now what? is it still active??? Why couldn’t avast move and or clean it?
My OS is xp Pro and outlook is from Office XP pro
This is the stange part :o avast chest & logs only show data from 2006? Just did what you suggested in events log-security, same thing? Avast seems to be working-updating almost daily, program is up to date? but it doesn’t seem to be currant???
Because the file is packed into an archive file and avast can’t extract it.
Can you post the file name and path? You can manually delete them. Archive files are inert (won’t infect you). The problem is what is inside the archive file.
Is your system time and date correct?
Yes, date & time is correct.
just finished running advast in safe mode, same results. Trendmicro recommended removing registry keys, but I could not find the one’s they were refering too. Seems this is a very nasty malware/trojan that hide’s & duplicates even in safe mode. I can’t seem to locate the original file it’s in outlook sent via spam. I did get another file reference when avast found it again, vps 080324-0 does that help?
Disable System Restore and reenable it after step 3.
Clean your temporary files.
Schedule a boot time scanning with avast with archive scanning turned on.
Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
Thanks for the suggestions, will do them tomorrow and let you know how it works out to tired been at this since 8 am. Just finished running trendmicro but nothing showed except for 1 non-sense grayware and cookies ::). If I didn’t crash last night after avast detected the tojan in outlook I never would have belived there was anything wrong.
Thanks again for your advise all day :-* good night
Well as I supected avast is not performing correctly : upon start up this morning I went to safe mode-disabled system restore-ran avast----virus showed moved to chest again- after 3 hours, at finsih checked chest, NOTHING! read:
Virus Chest server is not running (null) RPC communications failed
I’ve checked all the setting nothing indicating on or off or to enable it??? Don’t understand it everything run’s normally updates program etc. etc. I’m using home4.
Anyway did a boot scan at startup another 1/1/2 hours later- no virus showed??? a lot or errors but nothing relating to the outlook file, which is were it’s showing up as. Oh well, I’ll try running the spyware programs you suggested, but I’m not sure if avast is of any use at this point??? if it can’t stop or quarantine.
Well, did you have any other antivirus before avast?
Can you try to repair your installation?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove. Then choose Repair function in the popup window (Repair).
If this does not help, can you uninstall / boot / install / boot again?
Nop been using avast since I got this puter, it came with Mcafee but I uninstalled everything before installing avast. Had a problem in 06 with spybot so I uninstalled it and uninstalled avast and reinstalled avast than. that seems to be the last file report showing as well. but like I said avast seemed to be doing it’s thing and haven’t had any problems to check quarantine until now. Will try the repair I also ran and installed some of your suggestions, found some trojans that seem to have been disabled? using WindowsCare Wasn’t sure if they would conflict with avast so I only ran it in temp & saved it to tast bar to run again if needed. installed Spyterminator but not it’santi-virus program, again didn’t know if it would conflict. But I also took your advice on running avast root-kit first, awesome! thanks- didn’t show any problems. So I guess avast did cripple the virus when it loaded and prevented it from spreading, although it still crashed my puter.
Again you have been so help, can’t thank you enough for all your support and info :-*
That’s good to know.
But I’m still totally frustrated I ran every spyware, anti-virus progams both you suggested and I’ve done in the past. just ran symantic and still non of them show anything : But avast still does. I just went into outlooks file folder ran avast and it keeps showing up but when I try to move and or delete it keeps telling me avast is not supported to do it. How can I find the achive/registry file logs for outlook? maybe I can remove it from there??
Open Outlook and remove manually the infected email (without clicking in any link inside of the message).
If avast handle the virus, all your emails (.pst file) will be deleted/moved to Chest. I’m sure you don’t want this…
It’s been long gone from outlook. avast deleted it before outlook even opened? usually when outlook filters any spam mail - when outlook opens with it marked as deleted than when I go to the mail sever web page it get’s removed completely from outlook folder. That’s why this is so strange. avast autodeleted it while it was downloading and it’s no longer in oultook or the email server, so I don’t understand how it’s still showing both in oulook’s folder files & avast. or how it could have achived it that avast can’t remove it from the first attempt within seconds it happened.
I know and I have saved emails that I don’t want to loose. I use oulook via my son’s smtp server acct to the mail host, which is why I have been getting so much spam daily. I’m affaid at this point to open Outlook for fear there will be another virus/trojan that avast will not stop and my puter will crash again. Do you suggest I open mail from the mail host??? will advast be able to than catch it??? after 3 days now there has to be close to 500 spams on it.
Did you change the avast Outlook plugin settings?
The answer Yes in Silent Mode keeps the virus in the file or into the message (attach) and continue the scanning. You can’t configure ‘delete the infected file’ in the Home version.
I’m not sure what you mean by “Did you change the avast Outlook plugin settings?”
or Silent mode? do you mean safe mode? Well if Home Version won’t delete it not much more I can do as non of the other virus/spyware programs recognize’s it. I’m simply going to delete Outlook completely from my puter and run my emails thru thunderbird. Just to much to worry about getting ride of it from the cashe that’s not removerable in Outlook.
Again thanks for your help and suggestions. probably going to get another puter anyway, lost a portion of hard drive & puter messed up causing it to over heat from the 2x’s the virus caused crash’s.
to tired been at this since 8 am. Just finished running trendmicro but nothing showed except for 1 non-sense grayware and cookies ::). If I didn’t crash last night after avast detected the tojan in outlook I never would have belived there was anything wrong.
upon start up this morning I went to safe mode-disabled system restore-ran avast----virus showed moved to chest again- after 3 hours, at finsih checked chest, NOTHING! read: