HI, I hope I’ve posted in the right place. I have Avast 4.8 home edition and just got an alert for the JS:Prontexi, but when I try to move it to chest I got the following;

Avast: the process cannot access the file because it is being used by another process
then gives the path to my C drive… temporary internet files\Content.IE5\2BALB2TQ\kav2[1].htm file

Any idea how to fix this?

Thanks

Ads poisoning – JS:Prontexi
http://blog.avast.com/2010/02/18/ads-poisoning-–-jsprontexi/

Have you tried Boot time Avast Antivirus Scanning http://www.digitalred.com/avast-boot-time.php

yes, I read the article but not clear on what the virus does…I guess this is a whole new animal for the internet. I do remember seeing something pop up a while ago about google analytics and thinking hmmmm, that’s weird.

I have looked at the instructions for the system scan, and just want to be very sure that when choosing in the advanced options tab that i want to allow “move or delete” system files. The warning it’s giving me is kind of scaring me…Do I REALLY want to allow that?

Then I guess the scan will do it’s business and reboot and then I can check to see if the file went into the chest?

Thanks

Hi Mazy,

Read the info here:
http://www.wilderssecurity.com/member.php?s=3e45b149caa80b681f110a672e5e4317&u=30596

Typically caused via an Adobe exploit, probably because you have outdated or not fully patched third party software, you can check that through Secunia PSI: http://secunia.com/vulnerability_scanning/personal/

polonus

@ polonus

The link to Wilders is for Members only.

Secunia Online Software Inspector (OSI) does not require installing PSI:
http://secunia.com/vulnerability_scanning/online

You could try ATF cleaner first to empty your temp files and see if the warning dissapear
http://www.geekstogo.com/forum/ATF-Cleaner-file21.html

The Secunia was an excellent idea and it turned out that the adobe update was indeed the problem. So I have patched that, also I think I had updated Adobe a couple of days ago so that must be where the problem started.

I use the TFC file cleaner program and just ran that yesterday, so is that pretty much the same as the ATF that you mentioned? It reboots my system when it runs so I think I’ll wait to run it again until after I deal with this virus.

I am going to bite the bullet here and run the system scan with the advanced options. I’m assuming that the option to move or delete system files is referring to those files such as Adobe that were a problem.

I’ll check back and let you know how it goes – probably tomorrow if all goes well. Hopefully.

The scan worked and JS Prontexi is in the chest. Thanks for your help!

You’re welcome…

Hi Mazy,

Thanks for reporting, to stay safe and secure, is the wish of,

polonus