Hi, I am a novice with computers so would appreciate help. I have avast 6 free and have just detected a virus. The result showed the file was located at C:\Users|Brian|…|1dab5164-7223f251. I am not sure but is this a file. I tried to repair but it didn’t work so I moved it to the chest. I was also reading about malwarebytes and wanted to know if the free version is as effective as the pro version and how to avoid conflict with my avast.
I also wanted to know how to determine which site the virus came from I know when a pro works on a computer they can usually find the source of it. I try to stay on legitimate sites to avoid viruses butt there are other users.
Your help on this matter will be greatly appreciated.
You don’t say what the malware name was, but only true viruses (not trojans, etc.) can a repair be attempted, e.g. remove the small element inserted into the legit file. Trojan files are all malicious content so there is essentially nothing to repair. So sending it to the avast chest was the correct action to do.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
The differences between the free and paid version of MBAM is that the free version doesn’t provide resident protection, it is on-demand scanning only.
There should be no conflict with avast with the free or pro version of MBAM. If you choose the pro version of MBAM, the only exclusion I would suggest you need it to enter the c:\windows\temp_avast_ folder in the Ignore List tab of the MBAM settings. This is where avast unpacks files/content that it is going to scan, so you don’t want MBAM monitoring that folder.
Thanks David, I greatly appreciate that, the worm found was Win32:Renosa-J. I know you said to keep it in the chest for a few weeks then rescan it but does malwarebytes destroy it immediately if I had it installed. Also I had asked is it possible to trace the origin of such a worm ie what site caused it, I know when technicians work on computers they usually seem to be able to tell what site caused it. Thanks again for the quick and informative reply.
MBAM although it has a Remove selected button, it doesn’t actually delete them but puts them in Quarantine.
If anyone is telling you that they can state what the origin of the infection was look under the table for a crystal ball as that is the only way they would know.
Only if you were to have got an immediate alert when you visited a site, could you even narrow it down and be sure it is said it was that malware/worm name and this didn’t happen as it was found on your system. c:\users\yourname.…\1dab5164-7223f251 looks like a temporary internet files sub-folder (the .…\ bit is concatenation which may have said it was temp internet files), but that would be no help in actually determining where it came from.