Avast! version 4.8 Professional

I have recently acquired Avast! 4.8 Professional and, after scanning the Hard Drive, I isolated the following two infected files into the Virus Chest (as recommended):

  1. A005396l.exe, location - C:\System Volume Information_restore, Virus-Win 32: Adware-g…

  2. kmd133_en.exe, location - C:\Program Files\KaZaA\My Shared Folder, Virus - Win 32: Adware-g…

I am wondering if you could analyze and advise if these files can be removed for good from my system. I, myself, have no expertise in this area and hesitate to act.

There are three further questions I would appreciate an answer on as well that I could not resolve from the Help menu and Frequently Asked Questions and would be grateful for your indulgence here as I am new to this program and support features:

(1) The Resident Protection feature in the Scanner Window was set at Custom (as opposed to Standard or High), and I must have accidentally removed before scanning because it is now set at Standard. I don’t know how to restore to Custom (which I presume is the preferred position). Would you pleazse advise me on this as well and also explain the difference between Standard, High and Custom as I was unable to ascertain this information from the Help file.

(2) I notice in the Scanner Window there is a choice of selecting “Scan Archive Files” or not. Is it recommended these be included?

(3) I notice in the Resident Protection window the Scanner Sensitivity arrow is between Normal and High in the Outlook/Exchange window and the Provider Configuration arrow is at High instead of Normal or Custom. My mail program is Outlook Express, and I don’t know whether this has a bearing on these settings and also if the Custom setting referred to above in the Scanning Window has any affect on these two windows.

I have a Dell Dimension 4100 Desktop computer with Windows XP - Home Edition - operating system, Service Pack 2, Pentium 111 processor with 930 MHZ, 20 GB Hard Drive and 512 MB of RAM. The file system is FAT 32.

I would be very appreciative of your co-operation and advice in these matters.

Stewart Fluney

Hi…

I can offer a couple answers for two of your questions. :slight_smile:

  1. You can scan the files that are in your virus chest here to confirm whether they are indeed malware…

http://virusscan.jotti.org/

  1. While files that are zipped up in archives can’t infect your system directly, it’s a good idea to check this option just so that you will be aware if a an archived virus is present on your system (so you don’t accidentally open it.)

Best Regards…

Re 1. above:
You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

  • Upload to VirusTotal - Multi engine on-line virus scanner and report the findings of these files here.
    I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners.

ardvark & DavidR:

Many thanks for the response and information.

Stewart Fluney

You’re welcome, let us know how you get on with the VT results.