Bredo

Hi.

I’m getting messages, one after the other, that Avast has found a virus called Win32:BredoPack (Cryp).

Normally, with the help of Avast (the free version) I can cope with viruses, but now it just keeps popping up. It cannot be repaired and Move to chest doesn’t seem to help either.

I use WinXP. The virus is found here: C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe

I’m not familiar with viruses at all, so please be patient with me and if you help me, please explain it in a simple way. Thank you.

Are you using Windows XP/Vista?
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning.
Select for scanning archives.
Boot.
If infected files are found, it’s safer to send them to Chest instead of deleting them.
This way you can further analysis them.

See also: http://www.digitalred.com/avast-boot-time.php

Access denied means, generally, that the file is in use by another process (program) and cannot be repaired/cleaned/moved/handled by avast!
The report file is created automatically in \Data\Report\aswBoot.txt

BredoPack is a successor of WaliVun (fake UPS tracking e-mails)… can you upload the sample to www.virustotal.com and post the result here?

i’ve got the same problem…

http://www.virustotal.com/pl/analisis/a4a4efb8eaf2cb10d7699ca9b448e8e55f562997adf46a9d4b77d000aa3f45f9-1251791197

got the exactly same problem yesterday, it kept popping up and moving to chest didn’t solve it so I just scanned the PC before windows booted up (how i was recommended by avast) and so far so good


Welcome to the forums - wyv, XeterPL, and hunty. :slight_smile:

@ wyv & XeterPL,

Have you followed the recommendations and has the problem gotten better?

@ hunty,

Good job of it and let us know if the problem returns.