Is this paranoia?

system · March 15, 2009, 7:55am

I am trying to get my grip on windows vista 64x…so far so good…except for the fact that avast does not support boot scan for 64 bit OS…yet :-[

While surfing avast caught a trojan js:redirector which was deleted …however it has popped up again quite ever so often.

I cleared cache in firefox simply by pressing ctrl+shift+del…with all options ticked. Yet it popped up again. Next I ran a through scan on all drives within the os…no virus was found in the scan.

However I have a hunch the virus might still be lurking around because i have had instances before in win xp…wherein some virus would show up only in boot scan…and not within scan initiated in the OS.

Is there any alternative to run…boot time scan in vista 64 to be completely sure…or the virus has been completely removed…and i can work in peace?

Thanks

Tarq57 · March 15, 2009, 7:59am

I don’t think this is paranoia, not seriously, anyway. Try a second (or third) demand scanner, maybe one that can run in safe mode. MBAM, Superantispyware, and DrWeb Cureit are all good.
http://www.malwarebytes.org/mbam.php
http://www.superantispyware.com/download.html
http://www.freedrweb.com/cureit/

system · March 15, 2009, 9:54am

vim rossi post:1:

I am trying to get my grip on windows vista 64x…so far so good…except for the fact that avast does not support boot scan for 64 bit OS…yet :-[

While surfing avast caught a trojan js:redirector which was deleted …however it has popped up again quite ever so often.

I cleared cache in firefox simply by pressing ctrl+shift+del…with all options ticked. Yet it popped up again. Next I ran a through scan on all drives within the os…no virus was found in the scan.

However I have a hunch the virus might still be lurking around because i have had instances before in win xp…wherein some virus would show up only in boot scan…and not within scan initiated in the OS.

Is there any alternative to run…boot time scan in vista 64 to be completely sure…or the virus has been completely removed…and i can work in peace?

Thanks

Where does it pop up ? Whats the name and location ? You could try Avast in safe mode ( tap the f 8 key when booting )

system · March 15, 2009, 2:47pm

The virus was detected while surfing in firefox on a shareware site (js:redirector) in
C:\Users\Vim\AppData\Local\Mozilla\Firefox\Profiles\utdpg05j.default\OfflineCache

after clearing cache it appeared twice…and hasn’t appeared ever since a full thorough scan of all local drives.

polonus · March 15, 2009, 3:01pm

Hi vim rossi,

Step 1. Locate your Firefox browser cache URL.

Type in about:cache in your address bar and press enter.

Three listings will be displayed, that being Memory cache device, Disk cache device and Offline cache device.

You want to pay attention to Offline cache device. The cache directory will be listed there. It will very long:

Step 2. Open up a Windows Explorer and load the cache directory because there you can sort the files in this Offline Cache

Note: Windows Explorer is not the same as Internet Explorer.

While still in Firefox, highlight the entire Offline cache directory and copy.

Click Start then Run, type explorer and click OK.

A Windows Explorer appears, usually landing in My Documents first.

In the Explorer address bar, paste in the cache directory.

Now you can scan these individually using avast or DrWebCureIt or another malware scan like MBAM or SAS,

polonus

system · March 15, 2009, 4:17pm

I individually scanned the cache folder as mentioned by polonus.

No infections found. maybe its gone for good

polonus · March 15, 2009, 4:21pm

Hi vim rossi,

So much the better and good you made sure here it has left your machine,

pol

Is this paranoia?

Announcements