I’ve had avast for a few years with no problems, however , I’ve now been getting a siren with a caution that a virus has been detected. Recomended action- move to chest. No problem except that I am getting these warnings every few minutes or so for the past 2 days.
What’s going on and is there anything I can do about this?
Welcome to the forums, bobbydee.
Please download HijackThis from the link below, run the program but do not make any fixes, and then post the log results using the “copy & paste” method. It will probably take more than one post to be able to get the complete log posted. OR, you can post it as an attachment to your post by clicking on “Additional Options…” below left of the posting box. Someone will review your log and then offer help.
http://filehippo.com/download_hijackthis/
Thanks CharleyO but please forgive my ignorance on this matter but I do not quite understand the procedure. I’m afraid of starting the process and then getting confused and mess everything up.
HiJackThis, is an analysis tool and simply running it won’t do anything other than generate a report (log file), which will give us information on what is running on your system. It is the contents of this log file we want you to copy and paste here.
You won’t be asked to take any action before being told what to do and if you still have questions just ask before attempting something you are unsure of.
HJT Information HiJackThis Tutorial.
I suggest:
- Disable System Restore and reenable it after step 3.
- Clean your temporary files.
- Schedule a boot time scanning with avast with archive scanning turned on.
- Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
- Test your machine with anti-rootkit applications. I suggest Trend Micro RootkitBuster.
- As suggested before, make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
- Immunize your system with SpywareBlaster or Windows Advanced Care.
- Check if you have insecure applications with Secunia Software Inspector.
The log was too large to post, so can you please tell me how to send an attachment.
You can split the log over more than one post or click the Additional Options, Browse to the log files location on your system and open, see image.
In my post above, I stated how to do it …
[b]then post the log results using the "copy & paste" method. It will probably take more than one post to be able to get the complete log posted. OR, you can post it as an attachment to your post by clicking on "Additional Options..." below left of the posting box. [/b]
Thanks for posting the picture help, David.
bobbydee, did you happen to notice the name and path of this detection? If you spot it happening again take a screenshot of the detection (or write it all down) and post it.
This is not to counter the advice given above; scanning logs are a very good move, just in case.
Tarq57
Is this what you want?
File Name:\DOCUME 1\ROBERT 1\LOCALS 1|Temp\6E.IMP
Malware Name: WIN32:SdBot-5202 (Wm)
Malware Type: Virus/Worm
VPS Version: 080313.0 03/13/2008
BTW, I can’t find the MENU on Avast Home 4.7 if I need to schedule a boot-time scan. I kinda feel lost with all of this.
Schedule Boot-Time Scan with avast! Click on the little button placed up in the left corner, and select Schedule Boot-Time Scan. Read also this tutorial HERE it may make it easier to you to follow the steps.
Next, choose
[*] Scan all local disks
[*] scan archive files
[*]click on Schedule
On the next dialog Operating system restart needed select Yes
Now avast! will restart your computer and start to scan before Windows fully loads.
Yep, although I think it’s possible the last few letters may be Temp\IE6.IMP, which would make it a temporary internet file. There’s not much around about this, but from what there is, you would probably need to do a boot scan to remove it, or use some kind of unlocking program. It may try and re-create itself, too, but that bridge can be crossed if need be.
BTW, I can't find the MENU on Avast Home 4.7 if I need to schedule a boot-time scan. I kinda feel lost with all of this.To find it right click on the tray icon (down the bottom right of the screen) and select "start avast antivirus", it will take a few seconds to start, then the menu button (as essexboy says) is near the top left. "Schedule boot time scan'' is about halfway down.
Thanks to all of you especially in dealing with a novice. Your help so far has been greatly appreciated, although I’m sure I’m not out of the woods yet.
Check your other thread.