sorry for my poor English…
for these three or four days, everytime when i boot my machine, AVAST will report 14 virus file, like this:
2007-7-13 14:41:01 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\1.exe[Upack]” file.
2007-7-13 14:41:08 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\2.exe[Upack]” file.
2007-7-13 14:41:12 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\3.exe[Upack]” file.
2007-7-13 14:41:17 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\4.exe[Upack]” file.
2007-7-13 14:41:28 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\5.exe[Upack]” file.
2007-7-13 14:41:42 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\6.exe[Upack]” file.
2007-7-13 14:41:49 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\7.exe[Upack]” file.
2007-7-13 14:41:58 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\8.exe[Upack]” file.
2007-7-13 14:42:08 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\9.exe[Upack]” file.
2007-7-13 14:42:18 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\10.exe[Upack]” file.
2007-7-13 14:42:27 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\11.exe[Upack]” file.
2007-7-13 14:42:50 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\12.exe[Upack]” file.
2007-7-13 14:42:57 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\13.exe[Upack]” file.
2007-7-13 14:43:09 luo 444 Sign of “Win32:OnLineGames-WK [Trj]” has been found in “C:\DOCUME~1\luo\LOCALS~1\Temp\14.exe[Upack]” file.
there are always this 14 files, when i unplug the network, and boot again, the virus are not reported.
Obviously, the virus comes from network.
How to prevent it? or, when the virus enter my computer, how to set AVAST, let AVAST kill the files silence, no need for my confirm?
Update your avast, your Windows and use anti-trojan tools. It will be good if you download, install, update and run AVG Antispyware. Some users recommend SUPERantispyware, Spyware Terminator and/or a-squared (take care about false positives).
If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
i installed AVG Anti-Spyware 7.5, scanned the whole disk, when i restart my computer, the same thing happened, only AVAST report virus, AVG had no action!
I don’t think it’s a false positive. If you submit the file ‘again’ to VirusTotal it’s possible that others start to detect it…
I would send the file to Chest or, better, scan with avast at boot time.
If a virus is replicant (coming and coming again), you could follow the general cleaning procedure:
It will be good if you download, install, update and run (besides AVG Antispyware), SUPERantispyware, Spyware Terminator and/or a-squared. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
Also, if you still detecting strange behaviors or you want to be sure you’re clean, maybe making a HijackThis log to post here and, specially, scan and submit to on-line analysis the RunScanner log would help to identify the problem and the solution.
when i find AVG can’t prevent it, i install SUPERAntiSpyware, but it alse can’t prevent it.
“Lavasoft ARIES Rootkit Remover” find nothing,
Spybot find nothing too…
finally, i install Microsoft’s WindowsDefender, reboot, then link to the internet, there are no alert!