I searched around a bit but was unable to find a topic addressing this.
I recently purchased a new laptop running windows 7 home premium. I then installed both dropbox and the free version of avast. The problem is, every time I start dropbox, a get notifications about every minute that avast has blocked malware coming from dropbox. It’s associated with the dropbox.exe *32 process. Avast repeatedly moves a temp file to the virus chest, saying that it is a Win32:Trojan-gen. I’m not sure if this is a false positive or not, but I’ve never had problems between avast and dropbox before. To get the pop-ups to stop I just start task manager and kill the dropbox.exe *32 process, but it would be nice of course to use the program. Here’s the name of the file that avast keeps moving to the virus chest:
Whoops, sorry about that. I’m new to this stuff. ;D
Okay, so it’s a real virus. Next question then, how do I get it to stop popping up every minute? The file is never permanently removed but just gets created over and over again. Any ideas on that?
Ok, I guess I’m not sure what to do about it. I scanned the entire dropbox folder, and no threats were found. Then I thought the program itself was the problem, so I uninstalled it, deleted all my synced info, and re-downloaded and re-installed the program. Same result, except this time the temp file has a different name. Also checked that one on virustotal.com, and interestingly enough, it stated it was the same file as the one I had tried earlier today.
So what to do? The problem isn’t with the files I have on dropbox, and it’s not with the program itself. I don’t disagree that there’s an infection, but I don’t know how to find and permanently remove it.
[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
I’ve got two logs for you - one OTL produced after running the fix, then one after the quick scan. Unfortunately, it didn’t work. After the reboot, dropbox also started automatically, and the popups started coming again one after another.
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks