Well, that makes it quite difficult to give advice… ;D

try booting the PC in SafeMode (F8-Boot) and running a full scan with avast then: note all virusnames and filenames/locations of infected files exactly,
and let avast repair any infections, or move the files to chest.
a Boot-time scan could also help…

Also try SPYBOT from http://security.kolla.de
and CWSHREDDER from www.lurkhere.com

update them, and then scan&fix with them in safeMode


General advice:

Where exactly was the infected File found (full pathname and filename) ?

Sometimes it’s enough to

  • clear all TEMP-folders and
  • empty Temp.Int.Files folder(s) (via IE->Extras-Internetoptions->Delete files, including OFFLINE files) and
  • empty java-Cache or
  • disable system restore on Win ME/XP
    to get rid of it…

test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name
(you need to temporarily disable AV-Resident Shield/Monitor/Guard to be able to scan the file online)

(If they all don’t show it as infected, please send it in a password-protected zip-file to
virus@free-av.de/virus (at) asw (dot) cz
Include the password and a link to this posting in the mailtext)

-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google

general removal procedure:

  • disable system restore on Win ME/XP
  • kill respective Backdoor/Trojan process with task manager
  • search for the file/process names in the registry; remove the malware’s startup entries in the registry
  • disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot

-Secure your system:
change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - or better use a secure browser

  • scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro to check whether your PC is clean :wink:
  • reenable system restore on Win ME/XP

if it’s of the trojan-gen kind: spybot, ad-aware and cwshredder might also help
if you still can’t remove it, you could post a logfile of Hijackthis here

see www.lurkhere.com ->nicefiles and www.lavasoft.de

Further Details and Links via the board search above :wink: