Can’t repair, move, delete or quarantine in the chest. Seems a bit odd, ‘avast4’ is the temp folder for avast right? Not sure how to proceed. Manually remove the files? Anyone else had a problem with ‘VBS’ malware?
Google search linked it to the ‘Loveletter’, a ‘Visual Basic Scripting’ worm. Though I don’t normally use outlook express.
This is the folder where avast unpacks and scans archives and the unpxxxxxx.tmp (the xxxxx being numbers) is the file it creates when doing this. The files are normally removed after a successful scan.
The actual detection is on addc.htm inside that temp file.
You don’t say why you can’t move or delete, errors (file in use, etc.) ?
Not sure if it would do any good. Will try tomorrow.
The temp folder has 8 tmp files, each 460 MB in size. It’s taking up a total of 3.51 gig. You learn something new every day… lol
It mentions something to the extent of: “The operation is not supported for this type of archive.” and “can’t open archive/file…” Peculiar that Avast would scan its own temporary files, seems a bit counterproductive. Anyway, can you delete the tmp files without destabilizing Avast? Or should I just leave it alone?
(And how would you clean the tmp files with CCleaner?)
I hope Alwil team remove the ‘false positive’ or improve the way avast could handle the temporary files at that folder.
After all, it was avast who created the temporary file…
I don’t think it was a false positive, just that the unpxxx.tmp files not being removed after a scan and that particular archive/file associated with the unp file (CYBERA~1\EARTHL~1\NSCOMM\ADDC.HTM) may have been infected. Whether the addc.htp might be a FP is debatable, but we are unable to test that.