False alarms all the time

Hi,
For the past couple of weeks my Avast free anti virus has claimed almost any and all items on my computer as infected!!!
If I didn’t know any better I would click the action button until it deletes the files.
However, I DO KNOW BETTER and avoided deleting WINDOWS files.
Some of the files claimed to be infected: Photoshop, Office, Firefox, Skype, VLC, Steam, Acrobat, CCleaner, Dropbox and more!

At some point the new interface update came out and I thought “the problem will be solved now”.
But it didn’t! I had to make heaps of exclusions just so I won’t get an alert on every single application!
Even after reinstalling it keeps doing it - less than before - but still does.

Please help me out here,
Daniel

Edit:
Windows 7 64bit

Please attach your logs. (MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

For the past couple of weeks my Avast free anti virus has claimed almost any and all items on my computer as infected!!!
Well, it sounds like a file infector... What malware name does Avast give these files?

Hi @Sin91

Please download DDS and save it to your Desktop from here:
http://www.bleepingcomputer.com/download/dds/dl/104/

Double click to run the tool, click the Start button.

  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

Save both reports to your desktop. Attach DDS.txt and Attach.txt back to the topic.

Hi,

What Pondus said may be very true. Ignore Asyn and listen to Argus.

Also, when Avast! warns like that, I strongly recommend not adding those to an exclusion list. If it is a file infector, those files you’ve listed have probably been infected with something like Sality.

Sality: http://en.wikipedia.org/wiki/Sality

@Asyn - Done.

@Pondus - Win32:Malware-gen and VBS:Agent-KZ [Trj]

@argus - can't attach more than 4 files, so I added dds+attach to the 1st post

@Michael (alan1998) - if it is of the sort, what should I do?

ty all for the fast reply!

@argus - can't attach more than 4 files, so I added dds+attach to the 1st post

Open another post and attach the DDS logs here.

Sorry I have not seen the first post.

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


Please download zoek.zip or zoek.rar by smeenk from here or here and save it to your Desktop.
Unpack the archive…

  • Close any open browsers.
  • Temporarily disable your AntiVirus program (if necessary).
    If you are unsure how to do this, please read this or this Instruction.
  • Double-click on zoek.exe to run the tool.
    Please wait until the tool starts…
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:

Uninstall-List;
QuickScan; 

  • Click on the Run script button.
    Please wait until a log report opens (this can be after a reboot).
  • Save the Notepad file to your Desktop and attach zoek-results.log here.
    Note: It will also create a log in the C:\ directory named “zoek-results.log”.

Done and done.

ty, again.

  • Close any open browsers.
  • Temporarily disable your AntiVirus program (if necessary).
    If you are unsure how to do this, please read this or this Instruction.
  • Double-click on zoek.exe to run the tool.
    Please wait until the tool starts…
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:


autoclean;
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job;f
C:\Windows\tasks\update-S-1-5-21-3987107636-4164648018-336410611-1000.job;f
emptyclsid;
emptyalltemp;

  • Click on the Run script button.
    Please wait until a log report opens (this can be after a reboot).
  • Save the Notepad file to your Desktop and attach zoek-results.log here.
    Note: It will also create a log in the C:\ directory named “zoek-results.log”.

Next:

Scan with Combofix:

  • Please download ComboFix by sUBs and save it to your Desktop.
    You may read how ComboFix works here.

  • Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. It may interfere with ComboFix.
    If you are unsure how to do this, please read this or this Instruction.

  • Run ComboFix. Click on I Agree! and follow the prompts.
    Note: If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion”, just restart your computer.

  • When finished, it will produce a report for you. Please attach the log report (ComboFix.txt) back to the topic.
    (Typical log location: C:\ComboFix.txt)

Done.

Argus is asleep by now. Wait till tomorrow

@Sin91, I do not see an infection on your system; maybe it was a false alarm.
I recommend reinstalling or updating Avast.

It is necessary to uninstall ComboFix:

  • Click Start (or the Vista Start button), then Run.
    On Windows 7 or Vista you may use the Start Search field if Run is not available.

  • In the line of text, type in (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

  • Then click OK (or press Enter).

Wait for the uninstall process to complete.

Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes:

  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.

Well, it seems to have calmed down a bit (Some of the games still accounted as viruses… but I can manage)
Thanks a lot for all the support, I have no idea what reports I sent you and how to read them lol

Cheers!