Avast Standard Shield detects a virus on the hard-disk in one of it’s files. Alert sounds, popup options given. I choose “No Action”. The file becomes blocked “access denied” and from that moment, the mail scanner system slows down. Mail Scanner suddenly takes 20 seconds to scan a 20kb email etc etc. hard-disk churns continually over simple tasks. If I turn off the mail-scanner service, the speed of checking mail folders and email (thunderbird) is returned to normal.
I tried “repair installation” from Control Panel and it doesn’t fix it.
This is the 3rd time I have experienced this problem over the past 12 months - each time after a virus is detected in this way, the same ‘corruption’ occurs.
The last 2 times I had to uninstall avast completely and reinstall again, which did correct it.
I guess I’ll have to do the same this time also.
If I can provide you with additional information which could help resolve this ongoing issue, please let me know.
Thanks
ps: I should also note that the .exe containing the ‘virus’ was never run and the machine never infected. Avast blocked the file immediately after download.
What is the malware name, the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe
Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log
The problem being why is this keygen.exe there, these are frequently infected as these (keygens, cracks, etc.) aren’t used for legit purposes.
So if this is to generate a key for software that would otherwise require payment to get a key, they frequently have other guests along for the party. Though why this would cause any corruption is beyond me unless the malware is actually trying to disable avast, whilst that may fail it could possibly corrupt files.
What is your firewall ?
What other security software do you have installed on your system ?
Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?
I think this is as good a guess as any as to the possible cause of corruption, whatever is creating/restoring keygen.exe file could also be attacking avast so that file when run possibly by the parent which created it.
Did you upload the file as Igor asked:
[quote author=igor link=topic=46206.msg387768#msg387768 date=1245363475]
Can you make the file available? E.g. upload it to ftp://ftp.avast.com/incoming