Avast found virus, now doesn't find it

Not sending out an sos yet, just a couple of questions -
I ran a routine boot-time full scan on my pc last night and Avast discovered two threats - win32 pup and win 32 patched-adq. In mid scan, I told Avast to delete the first (pup), which it successfully did, and then when it found the second, to delete that as well. But I got a message saying that Avast couldn’t delete it, and got the same message when I tried to repair and move to chest. Then I did another boot-time full scan, only this time Avast didn’t find any threats.

Can a virus do that - get detected once during a scan, then become invisible for any subsequent scans?

Note that when Avast detected the patched-adq, it was in a file (C:[something].sys). Now that file doesn’t appear to be there anymore (and I’ve made windows explorer display hidden files). Could this mean the delete was successful after all?

This could have happened after you succesfully moved it to the chest. To make sure, a combofix run might be necessary. Essexboy will be informed, wait for his appearance and instructions in this thread. To know what to expect more or less from a likewise scenario, have a look here: http://forum.avast.com/index.php?topic=91419.0
The cleansing there was for that particular case and that particular vicitim. Do not do anything yet, but first wait for essexboy’s instructions to you and then follow these instructions up meticulously,

polonus

Thanks, will do. I thought it might have been moved to the chest, but there’s nothing in the chest, unfortunately.

btw - sadly, I was the victim in the thread you linked. I ended up having to format the hard drive. But that was a much worse case - multiple infected files, all of which were cleanable except for one.

win32 pup
you should also know that PUP is not virus, but a warning that you have a program that can be used for good or bad if abused......and default setting for PUP scan is off in quick/full scan

PUP (potentially unwanted program)
http://searchsecurity.techtarget.com/definition/PUP

Quick Update - I’ve run two more boot-time scans. Both times no threats were detected, but both times I got this message during the scan:

“File C:\Windows\pchealth\helpctr\config\cache\professional_32_1033.dat |> directory.bin error 42136 {chm archive is corrupted}”

Corrupted Archive file, this could simply mean that avast is unable to unpack it to scan the contents of the archive and assuming it is because it is corrupt. So it is simply stating that it can’t scan it and giving the reason why, nothing to worry about.

Even if it were corrupt there is nothing that a user can do to resolve any corruption, short of replacing the file. This I wouldn’t recommend, unless you are getting problems relating to that file outside of the avast scan.

Good to know – thanks. I thought it looked suspicious, given the file path running into the help center.

I’m still very curious about what happened to this virus – if it’s really gone or just became invisible. PC is not behaving oddly (no browser windows opening up spontaneously, as before), but I don’t want to take any chances, as this pc does have sensitive data on it.

In any case, I gather Combofix is definitely something I don’t want to run on my own?

You’re welcome.

Combofix is a powerful tool that should be used under guidance as there are many instances of malware that if removed in the wrong order can have serious consequences for the system

So generally you would be asked to run some analysis tools to try and identify the problem and the course of action.

Aside from this corrupt archive are you experiencing any other symptoms that you considered using combofix ?

No, just that Avast initially detected the virus on a boot-time and said it was unsuccessful removing it, but now all boot-time are coming back clean.

OK, nothing further then.