Solved and Closed.

Can you inform the file as being a false positive? (click on the bottom right of the virus warning message).

To know if a file is a false positive, please submit it to VirusTotal and let us know the result. VirusTotal has a file size limit of 10Mb. You can use VirScan also.
If it is indeed a false positive, send it in a password protected zip to virus@avast.com. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files and enable View hidden files and folders to manage the file(s).

Well the Virustotal result was Only G data and Avast detected
the infection mentioned above.The rest doesn’t detect anything in it.

GData uses the avast engine as one of its two AV scanners, so effectively only one detection.

Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and possible false positive in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.

Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.

Done that,thanks for the advices. By the way can help me check my Hijack log if possible?

Hi newbie7,

Considering your HJT file:
Your systeem seems clean of malware, but you have no active firewall running. So your risk from outward attacks is enhanced.

Survey of active tasks
smss.exe

System task

Session Manager Subsystem
winlogon.exe

System task

Microsoft Windows Logon Process
services.exe

System task

Windows Service Controller
lsass.exe

System task

Local Security Authority Service
svchost.exe

System task

Microsoft Service Host Process
svchost.exe

System task

Microsoft Service Host Process
aswUpdSv.exe

Virusscan

Avast Anti-Virus Component
ashServ.exe

Virusscan

Avast
spoolsv.exe

System task

Microsoft Printer Spooler Service
Explorer.EXE

System task

Microsoft Windows Explorer
RTHDCPL.EXE

System task

Realtek HD Audio Sound Effect Manager
RUNDLL32.EXE

System task

Microsoft Rundll32
ashDisp.exe

Virusscan

Avast AntiVirus
BOC427.exe

Backround task

BOC427.exe
ctfmon.exe

System task

Alternative User Input Services
TeaTimer.exe

Application

Spybot S&D Realtime Scanner
AWC.exe

Backgroundtask

Advanced SystemCare
BOCORE.exe

Anti Add/Spyware software

BOCORE.exe
jqs.exe

Background task

jqs.exe
nvsvc32.exe

Application

NVIDIA Driver Helper Service
ashMaiSv.exe

Virusscan

Avast Anti-Virus Component
ashWebSv.exe

Virusscan

avast! Web Scanner
notepad.exe

Application

Notepad
HijackThis.exe

Application

Hijackthis 2.0.2

That’s all,

polonus

Firstly thanks for checking my logs. Secondly i have firewall,its window default firewall though.

It isn’t active in respect of outbound protection, because it has none.

Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.

Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

• There are many freeware firewalls such as, Comodo (care required now it is a suite not to install the anti-virus element), PCTools Firewall Plus, Jetico, etc. - Zone Alarm free works fine with avast and has a reasonably friendly user interface, however, the free version is becoming bloated with trial ware and is also crippled as far as outbound protection goes In the Program Control, configuration area, the slider will only goes as far as Medium protection, if you want more you have to buy the Pro version.

See A Forum discussion on free firewalls http://forum.avast.com/index.php?topic=30808.0
See http://www.matousec.com/projects/firewall-challenge/results.php.

I see,thanks.

You’re welcome.

By the way,regarding about matousec : http://www.siteadvisor.com/sites/matousec.com.
The reviews stuffs are quite accurate and safe,maybe not the downloads…

I wouldn’t trust siteadvisor as far as I could throw them, I have recently read that their reviews could be up to a year old.

However looking at the downloads, they are test files, to try and bypass firewalls, as in leak tests, so it is no surprise some AVs pick them up, I have both the breakout test files (along with a number of other tools) on my system in my exclusions folder. So again there is nothing surprising there.

Not to mention I have found some that are clearly wrong, sites marker bad that aren’t and some marked good that are malicious.

I feel the same… but in which one we can trust? Finjan?

I see,well thanks for letting me know. And anyways the latest update
has fixed the false positives! Thanks a lot DavidR and Avast team.

You’re welcome, thanks for the update.