Error during Boot-Time scan

I am a new Avast! user, and I am running into a problem performing a boot-time scan. When the scan completes, I am shown a screen describing the infections found and a menu of choices for the actions to be taken on the infected file(s), such as “move to chest, remove, etc”. No matter which action I choose, I receive an error stating “ERROR 2 {STATUS_WAIT_2}”. What is this error, and why does it occur?

I am using Windows 7

Any help on this issue would be appreciated!

Do you have any infections? If so, how severe are they? Also look in avast!'s settings to change options that might be making the error. I also have Win7 SP1 and I run boot-time scans and it usually works perfectly.

My Windows 7 is also using SP1. I looked at all of the settings, particularly the ones involving the boot-time scan, and didn’t see anything unusual. They were all at their default settings.

I ran 2 boot-time scans yesterday and received the following entries in the boot-time scan log:

04/08/2011 11:17
Scan of all local drives

File C:\Users\John\AppData\Local\Identities{1A296039-63F1-4E95-B5CB-76EFC8B658AC}\Microsoft\Outlook Express\Backup (1).dbx|>Secure E-mail System.eml#494406992|>message.zip#764180551|>mail.hta is infected by JS:Feebs-A2, Move to chest: Error 2 {STATUS_WAIT_2}, Move to chest: Error 2 {STATUS_WAIT_2}, Delete: Error 2 {STATUS_WAIT_2}, Delete: Error 2 {STATUS_WAIT_2}, Move to chest: Error 2 {STATUS_WAIT_2}
Scanning aborted

Number of searched folders: 6077
Number of tested files: 303646
Number of infected files: 1


04/08/2011 22:19
Scan of all local drives

File C:\Users\John\AppData\Local\Identities{1A296039-63F1-4E95-B5CB-76EFC8B658AC}\Microsoft\Outlook Express\Backup (1).dbx|>Secure E-mail System.eml#494406992|>message.zip#764180551|>mail.hta is infected by JS:Feebs-A2, Move to chest: Error 2 {STATUS_WAIT_2}
Scanning aborted

Number of searched folders: 6086
Number of tested files: 303728
Number of infected files: 1

Do you see anything unusual there? I have no idea what the “JS:Feebs-A2” infection is, or whether it is serious.

Why don’t you try searching it on the web?

Hi John,

Judging by the log report I’d say the virus is in a particular email, maybe an attachment. Please wait for an expert’s opinion on this and if I were you I’d ignore pcclean’s comments (I made this statement judging by the previous posts he made).

Anyway I would suggest that you download Malwarebytes’ Antimalware aka MBAM, from http://www.malwarebytes.org/mbam.php , install and update it, then run a quick scan. Also did you try running a full system scan on Avast ?

As I said an expert will give a proper explanation regarding this issue but do what I said in the mean time.

Cheers!

Thanks DraKuL!

It’s strange… I have run Malwarebytes and nothing shows up during a full scan. I have also run SuperAntiSpyware with a full scan and nothing shows up there either. Even when I run a full scan with Avast it comes up clean and reports no infections. The only time those infections (in an old Outlook Express archive) show up is when I run the boot-time scan with Avast. But at the end of the boot-time scan it will report those infections but won’t let me do anything to those infected files, like move to chest or delete. I just get that “ERROR 2 {STATUS_WAIT_2}” message and all I can do is abort the scan by hitting ESC.

From my understanding of the above, avast found the JS:Feebs-A2 infection (which by the sounds of things is a Javascript infection - they tend to be exploits/redirects to websites that would not effect your computer unless you opened mail.hta inside message.zip).

It’s actually inside one of your Outlook Express backups (C:\Users\John\AppData\Local\Identities{1A296039-63F1-4E95-B5CB-76EFC8B658AC}\Microsoft\Outlook Express\Backup (1).dbx) and if you do not need that backup you could simply delete it.

It’s avast is probably trying to delete the mail.hta file directly - which it unable to do as it is actually contained inside the Backup (and while it can look inside the archive, it is likely that it can not remove files from it).

Hope this helps.

No worries! By the way if you scanned using MBAM, SAS and Avast and nothing got detected, the pc is pretty much clean :slight_smile:

As for the issue, as BTCentral said, if the backup isnt needed, just remove it.

Thanks again DraKuL and BTCentral!

I agree that since MBAM, SAS, and Avast found nothing wrong during those full scans it is probably nothing that I should lose sleep over. There is nothing in those old Outlook Express backups that I need, so I will simply delete them.

Thanks again both of you for all of your help!

John

Glad we could help! Its a good idea to remove the old outlook backup files - since you won’t be needing them!

Cheers! :slight_smile: