I’ve been using aVast free Home edition from about two years and never had a problem. However, since 3 or 4 days aVast suddenly starts to detect some virus, worms and trojans on files that I have also on another computer where it does not detect any problem. Note that I often synchronize both computers using SyncToy.
More strange: some aVast detections are on files … that doesn’t exist! As an example:
14-09-2008 08:50:41 SYSTEM 1840 Sign of “Win32:Crypt-CMV [trj]” has been found in “D:\Games.exe” file.
I have not a “D:\Games.exe” file! I have not any games installed.
Other detections examples:
11-09-2008 09:15:18 SYSTEM 1836 Sign of “Win32:Small-LVX [trj]” has been found in “C:\Windows\System32\dhcpsocd.dll” file
14-09-2008 09:12:17 SYSTEM 1840 Sign of “HTML:Iframe-gen” has been found in “D:\Documents\Web Spaces\aminatura\frases_.htm” file.
14-09-2008 09:13:52 SYSTEM 1840 Sign of “Win32:Fujack-AF [Wrm]” has been found in “D:\Documents\Web Spaces\FolkIberia\astur.htm” file.
And many others on the same folders.
The last files exist, but as I also have it in the other computer (where I have no problems) I’ve deleted the complete folder (“D:\Documents\Web Spaces”). For a time, aVast becomes quiet, but after some minutes it “cries” again:
14-09-2008 09:41:51 SYSTEM 1840 Sign of “Win32:Crypt-CMV [trj]” has been found in “D:\Games.exe” file.
14-09-2008 09:53:15 SYSTEM 1840 Sign of “Win32:Crypt-CMV [trj]” has been found in “C:\Users\Public\Games.exe” file.
I also have not any “C:\Users\Public\Games.exe” file!
Well, what happens? aVast alerts with this detections, but I have not any other problem or symptom on the computer. All works fine, no problems with any files or programs.
My aVast is always automaticaly updated.
Are you seeing hidden and system files into Windows Explorer? Maybe file is just there… and it’s infected…
Can you show hidden and system files to check?
Did you send the infected files to Chest (quarantine)?
Thanks Tech and DavidR. Yes I’m always seeing hidden and system files. I’ve not sent the infected files to quarantine, cause as I said I have the files also on another computer. I synchronize both computers periodically (1 or 2 times by week) but on the other computer there are no problems, even after each synchronization. That’s really a strange detection. As I also said, aVast detects the virus (or is it a false detection?) but I have no other problems, all works fine.
avast! is constantly adding and updating its signatures so it isn’t totally unheard of for a file/s that were previously not detected being picked up, so it is important to confirm the detection one way or another.
You can check the offending/suspect file/s if you still have copies at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
so lets assume that there are some nasties around
Hard to go to virus total and then update to a file you can’t find
you could google the other names
but I strongly suggest that you do upload the hits you can find to Virus total
you can see from the link above that
DrWeb CureIt,
Bit Defender OnLine Scan,
FSecure on line scan http://support.f-secure.com/enu/home/ols.shtml
all target one of your malware hits
Which is valuable information for future malware removal