Rootkit & Win32 Kamso trojan...help

Hi all,
This is my first post. I am currently travelling and using Avast, Malwarebytes and SuperAntiSpyware on my notebook EEEpc. However, I rashly used a flash drive in an internet cafe in their PC, then in my notebook, having not been online for a few weeks. On rebooting I got an Avast message about a possible rootkit issue. I did a boot scan, but it froze near the start. Now, when I boot up, Windows takes 3x as long to bring up the desktop and freezes completely, and is just really slow.

I did another boot scan, which took a few hours, but which found 18 infected files, system information restore files infected with a Kamso Trojan. I removed them all to chest, things seem a bit quicker but still slow. What can I do next? How can I check to see if any damage has been done? Are they connected to the Rootkit…I ticked the box that said send copy to Avast???

Thanks, a concerned and annoyed traveller now in China

Just uninstall the SuperAntiSpyware software because it conflicts with Malwarebytes… then use CCleaner 2.24.1010 here:

http://filehippo.com/download_ccleaner/download/e1c316a8136650f28febff7dd8971c88/ to repair your PC…

Since the malware has already been removed, update your Malwarebytes, and after that scan your PC using Malwarebytes…

I have had no conflict with SAS and MBAM and I’m running the resident version, SAS Pro.

If both versions are the free options then there is even less of a possibility of conflict. Only if both were the paid resident versions is there a possibility of conflict (only one resident application for anti-spyware/malware).

Where is the evidence/link that it conflicts then?

@ travelgaz
What was the file name and location of the file detected as a possible rootkit?
Check the C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log file using Notepad.

Try this application: Flash Drive Disinfector.
Information and download: Flash_Disinfector.exe by sUBs from here, and save it to your desktop.
- Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
- The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
- Wait until it has finished scanning and then exit the program.
- Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don’t delete this folder…it will help protect your drives from future infection.

DavidR,

I don’t have the filename now, annoyingly…Avast said it was only a possible and they wanted to check it out! My notebook is still freezing up randomly and is slow…is there a good repair program I can run? I’m happy not to use the flash drive again. Both SAS and MB are free versions. Will the Flash Drive Disinfector also clean up my drives etc. on my notebook?

Look in the file location that I gave you for aswAr.log that should contain the information.

Not using the flash drive isn’t the only issue you have to consider; that infects the main system and it remains infected. That is the purpose of the Flash Drive Disinfector, to be run first on your notebook, to try and prevent future infection and hopefully counter the autorun.inf file that is no doubt in all the root drives on your notebook.

These autorun.inf files will be being run when your system boots.
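Added example, not part of any post in this thread: a small Python check that tells whether the root of a drive holds an autorun.inf file (and which entries in it would launch a program) or the placeholder folder of that name that Flash_Disinfector is described as creating. The roots and file contents in `demo()` are constructed samples; on a real system you would pass your own drive roots to the hypothetical helper `check_root`.

```python
import os
import tempfile

# autorun.inf keys that name a program to start
LAUNCH_KEYS = ("open", "shellexecute")

def parse_launch_entries(text):
    """Return (key, value) pairs from autorun.inf text that would launch a program."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";") or "=" not in line:
            continue  # skip blanks, comments and section headers
        key, value = line.split("=", 1)
        key = key.strip().lower()
        is_shell_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in LAUNCH_KEYS or is_shell_verb:
            entries.append((key, value.strip()))
    return entries

def check_root(root):
    """Classify autorun.inf at one root: 'folder', 'file' (with launch entries) or 'absent'."""
    path = os.path.join(root, "autorun.inf")
    if os.path.isdir(path):
        return ("folder", [])  # placeholder folder, nothing to execute
    if os.path.isfile(path):
        # latin-1 never fails to decode; a UTF-16 file would need separate handling
        with open(path, "r", encoding="latin-1") as fh:
            return ("file", parse_launch_entries(fh.read()))
    return ("absent", [])

def demo():
    """Constructed sample: E has an autorun.inf file, F has the folder, G does not exist."""
    with tempfile.TemporaryDirectory() as base:
        os.mkdir(os.path.join(base, "E"))
        os.mkdir(os.path.join(base, "F"))
        with open(os.path.join(base, "E", "autorun.inf"), "w") as fh:
            fh.write("[autorun]\n; constructed sample\nopen=example.exe\nicon=drive.ico\n")
        os.mkdir(os.path.join(base, "F", "autorun.inf"))
        return {name: check_root(os.path.join(base, name)) for name in ("E", "F", "G")}

if __name__ == "__main__":
    for name, (kind, entries) in demo().items():
        print(name, kind, entries)
```

A result of `file` with launch entries is the case worth looking at by hand; `folder` is the state the disinfector post describes.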

Hi David…

I think I have solved the problem…I should have mentioned to you that on startup the Windows ditty little tune was all distorted. I followed this back as an issue and ended up at a solution on Bleeping Computer…uninstalling a driver device, something I think to do with the computer reacting to having those files infected with the Kamso Trojan?? Anyway, I did this and ran the Flash Drive Disinfector and all seems to be running perfectly, indeed, following more scans, ccleans etc. it's running better than ever!
Thanks for your time

You’re welcome, thanks for the update.