Hi,
After I logged on this morning avast! notified me that a virus had been found in an email and I selected the ‘delete’ option.
When I looked at the email in Outlook Express there was a text insert saying:
avast! Antivirus: Inbound message INFECTED:
\message.scr (Win32:Netsky-P [Wrm]) was deleted from the message.
This was my first alarm (other than iframe warnings) and I was very pleased at how avast! had performed!
About 20 minutes later Outlook Express began downloading emails again while I was using Opera. A yellow and red box appeared at the bottom of the screen, but because I was barely awake, I didn’t have time to read it before it disappeared.
I went to Outlook Express and the exact same email as before had been downloaded only this time the avast! insert said:
avast! Antivirus: Inbound message INFECTED:
\message.scr (Win32:Netsky-P [Wrm]) was (BEWARE!!!) left intact in the message.
(the email came from MSN via avast! to spamihilator to OE)
I tried to look at the log but my log viewer doesn’t work so I ‘manually’ went to:
C:\Program Files\Alwil Software\Avast4\DATA\log
and clicked on the ‘warning’ text document which has this entry:
14/08/2004 05:34:51 1092458091 NT AUTHORITY\SYSTEM 1376 Sign of “Win32:Netsky-P [Wrm]” has been found in “C:\DOCUME~1\JOHNRO~1\LOCALS~1\Temp_avast4_\unp126663452\PartNo_2\message.scr” file.
I eventually found my way to
C:\Documents and Settings\John Robert\Local Settings\Temp_avast4_
and though there are two 1k files there, neither of them is ‘unp126663452’!
Also, after finding my way to
C:\Documents and Settings\John Robert\Local Settings\Temp
and before clicking on the avast4 folder, I noticed an icon saying ‘avclear4’ which apparently is an ‘MFC Application’ - can anyone tell me what it’s doing there, what it does, and when should I use it please?
I would be grateful if anyone could help me dispel my confusion over any of the above
I’m now off for a cycle ride around town (Dover, UK) and along the seafront to try and clear the cobwebs away!
John Latter