Trojan Horse could not move or rename, appeared to be OK with delete

In going to a website I got an alert that Avast found a Trojan Horse. I attempted to first move it to the Chest, which failed; then I tried renaming it which failed. I took the last action which was delete which appeared to work. It said that it was in my Temporary Internet Files. I immediately also went and deleted the Temporary Internet Files folder.

Do you think that this action worked or should I worry that perhaps it attached itself somewhere else? I couldn’t get the name of the file as I panic in situations like this and name appeared truncated anyway.

LogicsHere :frowning:

What browser are you using?

The alert should have come from the web shield and in which case it would offer only one choice, ‘Abort Connection,’ this should stop the infected element from being saved to your browser cache.

If it didn’t then the fall back of the standard shield should alert when it is created in the temp internet files (browser cache) and pop-up the multi-option alert you got.

What errors did you get for not being able to move to the chest (file in use, etc.)?

I believe the actions worked as avast hooks the file before it can be run in your browser and clearing your browser cache should also back-up the deletion you did.

The name is truncated as there is limited space to display it, you can check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log and that won’t be concatenated. This is the source file used when you open the avast Log Viewer.

I am using IE 7; however, I was running AOL software under the TCP/IP option. I’m connected via DSL.

The error I received when I tried to move to the Chest and then rename it was “file in use”. When I next hit delete, it only “blanked out” or appeared “whited out in blocks” and then the site loaded in the browser at which point I did go in to delete my Temporary Internet files.

As far as the name/location, I will have to look when I return home as I am at work currently.

I think that when you add AOL to the equation, if the software doesn’t conform to HTTP protocol then it won’t even be scanned by the web shield, and that provides a great deal of protection against web attacks.

There are now many web sites getting hacked and this sounds very like what was happening here and if using AOHell proprietary software if it doesn’t conform to standard protocols, then I feel you are not as well protected. So I would suggest that you connect to AOHell and then open a non-aol browser so that it can be protected by the web shield.

If using the aol-browser then that is almost certainly why the file was in use as the browser would be trying to load what was sent to the browser cache.

I’m attaching a copy of the log. The listings were in the “Warning” section. The ones which occurred prior to today were already taken care of. I’m also doing a thorough scan to see if it should find anything. I also opened AOL and did a clear browser, but all files were cleared.

Yes many of those appear to have been as a result of visiting sites that may have been hacked, based on the malware names only.

Though the image ones are a little strange as generally gif files aren’t normally a target for infection. Especially for that malware name, VB at the start normally indicates Visual Basic, however, it is possible that a file can have the file type (the .gif part) changed to make it look like a harmless .gif file.

So is this image and its location one that you are familiar with?
I take it that the F:\ partition is where back-ups are saved as it seems a duplication of the C:\Graphics folder?
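
Added example (not part of the original thread): a Python check of whether a file's leading bytes match the type its extension claims, which is how a renamed non-image posing as a .gif can be spotted. The function names, extension table and sample bytes are constructed for illustration, and only a few well-known signatures are covered.

```python
import os

# Well-known leading "magic" bytes for a few formats.
SIGNATURES = {
    "gif": (b"GIF87a", b"GIF89a"),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "pe-executable": (b"MZ",),
}
# Extension -> type the file claims to be (illustrative subset).
EXT_TO_TYPE = {".gif": "gif", ".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png",
               ".exe": "pe-executable", ".dll": "pe-executable"}

def sniff_type(header):
    """Return the type name whose signature starts the header, or None."""
    for name, magics in SIGNATURES.items():
        if any(header.startswith(m) for m in magics):
            return name
    return None

def check_file(name, header):
    """Compare the type claimed by the extension with the sniffed type."""
    claimed = EXT_TO_TYPE.get(os.path.splitext(name)[1].lower())
    actual = sniff_type(header)
    if claimed is None:
        return claimed, actual, "unknown-extension"
    return claimed, actual, "match" if actual == claimed else "mismatch"

def scan_folder(root):
    """List (path, claimed, actual) for files whose content disagrees with the extension."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                with open(path, "rb") as fh:
                    header = fh.read(16)
            except OSError:
                continue  # locked ("file in use") or unreadable: skip it
            claimed, actual, verdict = check_file(fname, header)
            if verdict == "mismatch":
                findings.append((path, claimed, actual))
    return findings

if __name__ == "__main__":
    # Constructed sample headers: a real GIF, a PE file and a script, all named .gif
    samples = {"real.gif": b"GIF89a\x01\x00\x01\x00", "renamed_exe.gif": b"MZ\x90\x00",
               "renamed_script.gif": b"On Error Resume Next\r\n"}
    for fname, header in samples.items():
        print(fname, check_file(fname, header))
```

A mismatch only says the extension and content disagree; it is a reason to submit the file for scanning, not a verdict that it is malicious.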

Yes, my F drive is my backup drive. As I indicated I did a thorough scan last night and it came up with no problems. Therefore I’m assuming the delete worked (this time). I think the .gif file sent up a warning due to the name. There may have been something going around called Demon and the alert shield picked it up. It was easier to just delete it and/or move it into my chest to eliminate it.

Thanks for your help.

I do have one more question I’d like to ask. Is there another spyware program that I should be running in conjunction with Avast? I’ve not used additional programs after having been told by my computer tech company that certain programs clash with each other and caused a problem which affected the stabilization of my computer’s operating system.

Browser protection indicator like Finjan Secure Browser
Malwarebytes’ Anti-Malware (MBAM) for additional malware checks
SpywareBlaster
WinPatrol for a good system SECURITY MONITOR

See what I am using in my signature.