[RESOLVED] strange behavior report file, then no reports

hi everyone, you folks do great work, appreciated

-avast 50677 free, latest update/defs
-Compaq desktop 2G -dual core
-OS windows 7 home premium 32 bit
-basic application MS office 2007
-no other spyware/av
-don't think any previous security was installed…

clicked on report file in File shield, or any shield, and instead, a program opens up with error message (4NEC2 electromagnetic modeling), didn't get all details, “D: path…filename.exe…corrupted archive …4021…”

did memory, system, all hard disks, startup, boottime, removable, folders, 4nec2, C:, D:, all scans with normal to high sensitivity - no errors no viruses - settings report file type ANSI, Append

went to check c: Alwil path… folder for Reports, and it's not there, doesn't exist!

first time i get this problem, but not checked before in long time, and not sure had report file set up properly before.

today i use programs, uninstall programs 4nec2, delete its folders, uninstall Avast, delete Alwil folder, reboot, reinstall Avast, do settings, do short scan, STILL NO report file, real-time seems to be running, STILL no report file found in Alwil path…?

Any help is appreciated…thank you

Thanks a lot, but not sure what you want to ask/know… :wink:
asyn

Asyn, wow you are fast,

sorry about that…

more info: i have Windows Defender disabled

gen maintenance done - check disk, disk cleanup, ccleaner, disk defrag (lots of free disk space)

No need to disable Windows Defender.

Sorry to say, but I still don’t get what you want to know…
If you want to know where to find the report files: Search for WebShield.txt on your system.
You can find all report files in the same directory…
asyn

YoKenny,

thanks, your gif, avast doesn't produce this anymore when i click the “show report file” radio button in any of the shields…

for a while when i click it just opened up one of my installed programs called 4nec2 with error message…referring to filepath on D: drive (my recovery drive)

after reinstall, when i click the button, nothing happens at all.

…then couldn't find reports folder, but looked in wrong alwil folder (in Program files, instead of Program Data) as ASYN tells me

i take your point about Defender, i will reenable it, i now learned it won't conflict with Avast in any way…correct…? (I'll open new thread if need be)

thanks

Correct. Still I wouldn’t give it any memory…
Btw, good you could solve your problem…! :slight_smile:
asyn

I'll try to be clear Asyn thanks

ref. previous post,

  1. my question is first place, why might the shield “show report file” button open up my programs instead of report file?

  2. what could that “D: path…corrupted archive file” message mean?

  3. why when i reinstall, now nothing happens when i press button “show report file” and no report folder found in my system?

thanks

  1. That’s strange. To sort out malware run Free Mbam and report back here.
    http://www.malwarebytes.org/mbam.php
  2. Could mean you have a corrupted archive on your d: drive… :wink:
  3. Maybe there are no reports present right now, as you just reinstalled avast…

asyn

excellent thanks Asyn, maybe you know I'm beginner :wink:

  1. what you mean when you say wouldn't give it Memory…ref. defender???

  2. ok latest, redid full ccleaner, disk cleanup, checkdisk…show reports file now WORKING again…thanks

  3. still like to investigate the archive D: file error. i will download MBAM, will this one conflict with Avast at all?

  4. any other built in windows diagnostic i can do to find archive error message related info in the computer

here what mbam found, everything else seemed ok

Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

is this bad, what should i do, i did not remove, and don't know if it's related to previous issues, thanks

  1. I mean I would disable it, but that’s just my personal opinion.
  2. You’re welcome.
  3. Mbam does not conflict with avast. Be sure you update it before scanning…!
  4. Forget about the archive, it’s no threat…!

asyn

Let Mbam take care of its findings…!!
asyn

After updating MBAM, then run the scan as Asyn said.

· Click the “remove selected” button to quarantine anything found. You will find the infection details under the Quarantine tab.
· Copy & Paste the entire report in your next reply.

Asyn, thank you

SafeSurf, Asyn

here's the full updated log:

Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org

Database version: 5188

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25/11/2010 11:37:46 AM
mbam-log-2010-11-25 (11-37-46).txt

Scan type: Full scan (C:|D:|E:|F:|J:|)
Objects scanned: 219757
Time elapsed: 51 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) → Bad: (0) Good: (1) → No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

i put it on ignore list, is that a good idea??

No I wouldn’t have ignored it, as what it appears this registry key modification does is disable the search function in explorer, that could be to prevent you searching for malware.

So I suggest that you delete the entry from the ignore list, run MBAM again and let it deal with it, e.g. Remove. What it actually does is modify the key so it allows the search function.

excellent, thank you David, in the results, i saw the remove button, but was tentative, because i thought this might delete it completely!

thanks, I'll retry and let you know

You’re welcome.

ok so here i should click “remove” ?

Yes, click the remove selected button.
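
The detail line in the log above has a fixed shape: object, detection name, optional Bad/Good data, then the action taken. As an added example (not part of the thread and not Malwarebytes' own code), this Python sketch parses a log in that layout, lists entries still marked "No action taken", and cross-checks the summary counts against the detail lines; the sample log is constructed from the entry quoted above and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of the MBAM 1.46 log quoted in the thread.
SAMPLE_LOG = """\
Registry Values Infected: 0
Registry Data Items Infected: 1

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
"""

COUNT_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected): (?P<count>\d+)$")
HEADER_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
# <object> (<detection>) [-> Bad: (x) Good: (y)] -> <action>.  Accepts "->" or "→".
ITEM_RE = re.compile(
    r"^(?P<object>.+?) \((?P<detection>[^()]+)\)"
    r"(?: (?:->|→) Bad: \((?P<bad>[^)]*)\) Good: \((?P<good>[^)]*)\))?"
    r" (?:->|→) (?P<action>.+?)\.?$"
)

def parse_mbam_log(text):
    """Return (summary counts per section, list of detail entries)."""
    counts, items, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if m := COUNT_RE.match(line):
            counts[m["section"]] = int(m["count"])
        elif m := HEADER_RE.match(line):
            section = m["section"]          # detail lines that follow belong here
        elif section and (m := ITEM_RE.match(line)):
            items.append({"section": section, **m.groupdict()})
    return counts, items

def unresolved(items):
    """Entries the scanner detected but did not remediate."""
    return [i for i in items if i["action"].lower().startswith("no action")]

def count_mismatches(counts, items):
    """Sections whose summary count differs from the parsed detail lines."""
    found = {}
    for i in items:
        found[i["section"]] = found.get(i["section"], 0) + 1
    return {s: (n, found.get(s, 0)) for s, n in counts.items() if n != found.get(s, 0)}
```

A non-empty `count_mismatches` result means the log was truncated or a detail line did not match the expected shape, so it should be read by hand.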