I was clean yesterday and got an Avast alert that I had liser.dll in c:\program files\Manson
I don’t have a program files folder in C:\ (Yes I am showing hidden folders)
My windows directory is on a different drive.
Is this a fake alert? I don’t understand.
Well where was avast installed as that gets installed by default into C:\Program Files\Alwil Software\Avast4. What is the C:\ partition used for ?
What is Your OS ?
What action did you choose on the detection, Move to chest is the best option, if that folder didn’t exist I can’t see how it can detect it.
Have you tried a system wide search for liser.dll and were you able to find it.
See http://www.systemlookup.com/search.php?type=filename&client=malwaresearch-ff&search=liser.dll, so it would appear to be a good detection, wherever it is located.
A little more information available at :
http://www.threatexpert.com/report.aspx?md5=d3305754f688a304a18190ecf03aa58c
http://www.prevx.com/filenames/X1051571302143410306-X1/LISER.EXE.html
Charley your liser of prevx is a .exe his liser is a .dll so here that may cause to your system this liser.dll
http://www.prevx.com/filenames/1002373412328970165-X1/LISER.DLL.html
Thanks … I copied the wrong one.
But, the executable is likely to be there also unless someone/something has deleted it.
No problem its normal to do fault. We are human we cant be perfect in the life.
Your welcome.
My windows directory is on a different drive.
How old is your operating system? Is it windows 98?
Where is your Program Files folder? Your screenshot of the alert says that it is in the C:\ directory.
There is no reason that it would not be in your screenshot of the C:\ directory.
What is the letter on your other drive that the Windows directory is on?
Is that a whole other hard drive with another different C:\ directory?
He got XP for sure i think its SP2 or SP3 let wait the respond im sure im true.
Thanks for the quick responses.
I am running XP SP2 and my operating system is on another partition. I purposefully did not put it on the C: partition.
I will try and look for liser.dll
What is strange that I wasn’t running a scan. It just sort of popped up. I tried repairing but it failed. Moving to chest failed as well.
Btw try to update to SP3 if possible because there are some recent change on the security if im not wrong. So more your XP or any OS is updated more its sure to be more protected.
Thank.
Mr.Agent
oh yes, I see in second image, XP.
I was looking at progra~1 in first image, so I thought maybe 98.
You don’t have to be running a scan for avast’s resident protection to alert. What it means is that the file was being activated and before it is allowed to run avast would scan it.
If you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php.
Trojans generally can’t be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can’t do any harm and you can investigate the infected warning.
The VRDB only protects certain files, mainly .exe files, it doesn’t protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won’t be an option.
Only true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it, provided that file is one that avast’s VRDB would monitor and you have run the VRDB, then it may be possible to repair the file to its uninfected state.
However, for the most part so called viruses, trojans (adware/spyware/malware, etc.) can’t be repaired because the complete content of the file is malicious.