Hi, I’m a new user to avast!, just switched over from AVG due to friend recommendations. avast! seems to have found a virus/malware AVG missed out, but avast! doesn’t seem to be able to repair or move it to the chest. I’m reluctant to delete it as I’m unsure if it’s a crucial file. Please advise on what I can do to get rid of it.
It’s a malware for sure.
Only a few executable files infected by a few malware types could be repaired.
It’s a rootkit that you can try to send to Chest or directly remove (delete).
Also it will be good to scan at boot time.
Welcome to avast forums.
Are you using Windows XP/Vista?
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning.
Select for scanning archives.
Boot.
If infected files are found, it’s safer to send them to Chest instead of deleting them.
This way you can further analyse them.
It is a rootkit so it is protected and even if you manage to delete it then it could be back. That is why RootRepeal, a specialist anti-rootkit, was suggested by micky77.
Yes indeed, to make matters worse, I’ve not heard of this one. These TDSS variants are getting worse. One, Skynet, recently managed (under certain circumstances) to escape Sandboxie and write to disc :o
Hey guys, am currently running a boot scan to try and move the virus to the vault from there, if that doesn’t work I’ll try Micky’s suggestion. Thanks. Btw, does anyone know what are the effects of this virus? Because my desktop seems to be functioning normally.
Rootkits are used for hiding many things so it could be almost anything. Regardless of what happens on the boot-time scan you should still run RootRepeal.
Hi all,
Luckily, I’ve never had need to frequent these forums before, but I’ve got some infection problems now I’d really appreciate help with. I enjoy doing PC maintenance, so I did a routine boot time scan with Avast and it found a whole slew of infections:
win32:Alureon-co
win32:Patched-KY
win32:Trojan-gen
win32:Agent-AGPZ
win32:FakeAV-OZ
win32:Fasec
It’s really large so I didn’t want to paste it into a forum post. Like the guy in this thread with the Alureon problem, I didn’t notice any PC performance problems. Also, I appear to have gotten the infection around the same time as him.
Thank you so much for any and all advice.
Thanks micky. That’s a good point, I think it might have come up in the restore file. I scanned files with RootRepeal and it didn’t come up with anything (except Firefox, which I had open). So, am I home free? ;D
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe
Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log and copy and paste the entry.
Hi David,
The Avast log didn’t come up with any warnings. But I think that’s because since I found the infection, I uninstalled Avast to see what some other antivirus programs would find. I’ve reinstalled it since, done a boot time scan and found nothing.
Spooks