Sometimes on access shield of AVAST doesn't start

Hi,

sorry, my english is not very good …

Since some weeks ago, AVAST shows strange behavior. Sometimes the AVAST icon on the right taskbar is showing a red round sign with a white bar in the middle. If I open the right-click-menu, it is telling me that on access shield is not running. If I try to activate the shield manually nothing happens, I am not able to activate the shield manually. After restarting the operating system everything’s is looking quite usual and the on access shield is running as it should be.

I think, AVAST is working very fine, last Sunday it shows me a trojan named kaht.exe in the temp directory of my personal folder in user mode - and it was possible to delete this malware.

My operating system: WINDOWS XP HOME, SP2,
Software firewall by Windows XP,
Hardware firewall by an AVM/FritzBox-Router 7141 with phone access over internet.
AVAST version is 4.7.942, virus definitions from yesterday, March, 14, 2007 - updating is working fine.

My latest on demand scans with avast in normal mode and safe mode did not show any malware.
Yesterday scan with Dr. Web did not show malicious results, too.

My access to the internet usally is done in restricted user mode, admin mode I only use to get WINDOWS updates or installing software (or enable the AVAST scan in safe mode).

Thank you very much for helpful information

Hans

Do you have any other antivirus installed in your system? Did you have in the past?
Any other security programs that could interfere?

I also suggest that you download, install, update and run other trojan remover tools: a-squared and/or Free AVG Antispyware (trojan removers). Some users recommend SUPERantispyware or Spyware Terminator.

Well here’s an odd thing. I had done a little research on this yesterday while at work, going to some forums where it was discussed, etc but being careful about the sites I visited (or so I thought). Now my weekly scan reports the following


http://img301.imageshack.us/img301/2918/kaht2cs3.jpg

This was detected by Symantec Corporate (no comments please :(). Problem is, Symantec’s on line scanner won’t scan packed files and these are. Its interesting that this stuff got past my router’s gateway antivirus too (McAfee based signatures).

At least knowing these paths you might be able to find the files manually on your computer. Symantec’s recommended action is to simply delete them.

EDIT: Posted a better screen shot.

Can you post a link to this webpage?

Sure

http://security.symantec.com/sscv6/home.asp?langid=ie&venid=sym&plfid=23&pkj=GTQPOOTGUSDJNRNJWDJ

But as I said, if you click the “Learn More” link for Virus Detection it states that it will not examine compressed files.

Thanks anyway.
I did not know that Symantec has this service. It could be useful, even when not scanning archive files.

Anytime, Tech …