just boot your PC to safe mode (F8-Boot) and then move it to chest with avast, or delete it…
if that doesn’t help :
what WIN do you have ? Are all ServicePacks and Windowsupdates applied ?
test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name
(you need to temporarily pause AV-Resident Shield/Monitor/Guard to be able to scan the file online)
(If they all don’t show it as infected, please send it in a password-protected zip-file to
virus (at) asw (dot) cz
Include the Zip-password and a link to this posting in the mailtext)
-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google
general removal procedure:
disable system restore on Win ME/XP
kill respective Backdoor/Trojan process with task manager
search for the file/process names in the registry; remove the malware’s startup entries in the registry
disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot
if you still can’t remove it, you could post a logfile of Hijackthis here
-Secure your system:
change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla
scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro/RAV to check whether your PC is clean
If needed, reenable system restore on Win ME/XP
Further Details and Links via the board search above
I moved it to chest immediately, no sense taking unnecessary chances.
I’m currently running a full system scan just in case.
Sorry for the lack of info…
I’m running WinXP and as far as I know, all updates and patches are applied. The PC is firewalled and nothing is downloaded; not even email. So I don’t have any idea how this sucker got in if it’s a virus.
I’ve searched google for both the virus and the filename and come up with nothing.
What I did come up with though is IAS which appears to have something to do with my wireless network. Related???
I find it hard to believe that I’m the first person on the net to discover a new virus… not on this pc anyway.
just like any other AV program Avast has false positives.
best way to tell for sure whenever you think avast has falsely detected a virus is to scan with housecall.
On a more serious note, when I go into Safe Mode, the Trojan does NOT show up. Avast! is the only scanner than shows the Trojano-090 message/warning, I cannot find anything on it anywhere on the web, and I did use every other scanner in the world and none of them have detected the trojan.
I’m dazed, confused, and feeling a bit vaporish so I will do have a nice lay down.
I sent the file in last week and have received nothing; not even a “we’ve received your email” notice.
Cassie. Are you running anything wireless?? I’m seriously wondering if we’re getting a false positive based on something that Avast isn’t used to seeing; wireless networking.
WHICH other / Onlinescanners did you use ? results ?
you know that you can exlude files from scanning in both the mainscanner and the resident shield ?
If it helps, I’ve removed the file, since the computer that its on doesn’t need the wireless and I’ve experienced no difficulties since. I’ve received a clean scan from Avast now that it’s gone, but I’m still none the wiser as to what was wrong with the file.
Kinda makes you wonder what you’re laying money out for. But then, what do I know… I’m just a Llama.
Those recommended on this forum as well as Norton (yes, hog but I was desperate) as well as a couple others. The results were always the same - clean system. Thus my confusion and frustration were born ::argh!!::
Seriously, I’m ready to dumb Avast - this is getting way too muddy. You mention excluding files but what files do I exclude? Each time the ****** popup appears it has a different file listed as “infected” but I can’t find the source of the infection, my 'puter works great and my cats are ready to put me away for growling.
This imho doesn’t really point to a false alarm:
but on each occurence, NOTE exactly the full path/location/filename & move them to the chest, or better to a new separate folder and send them in again
to virus@avast.com or virus@asw.cz with info on file location and a link to this topic.
pack the file into an encrypted Zip (i.e. with password) and include password in the mailtext
P.S.: always different names ? I thought, it was “iassam.exe” ?
and the fact that nothing can be found on google about the above filename, also points against a false alarm