Hi all,
This is a little long, so please bear with me…
I’ve been a Norton Anti-virus user for about two years, ever since I bought my new computer. Also, I’m very cautious when it comes to viruses. I never use my computer’s e-mail program, instead I opt for web-based e-mail clients like Yahoo, Hotmail and G-mail. Even so, I never open e-mails if they look suspicious or have attachments.
I also never run programs that I get from sources I don’t trust. I practice safe web-browsing and have always had a firewall and anti-virus program running.
That being said, my Norton subscription ended two days ago. So, after hearing many good things about Avast!.. I thought I’d try it. I uninstalled Norton and installed Avast!. It ran it’s first scan… and all was clean. I ran another scan a little later… again, everything was clean.
Now… today I decided to try a “thorough” scan rather than the “standard” scan that it did the last two times. Well, this time I got a virus warning… and of all places on my D: drive!
It said the file that was infected was “wksv7std.sbs” located at
D:\i386\Apps\App12654\workssuite\msworks\pfiles\msworks
It said that it was a Malware type Trojan called Win32:SdBot-3324 [Trj]. Avast!'s recommended advice was to move this file to the virus chest… which is what I did.
Now, my D: drive is just a “recovery partition” used by my computer. I never write anything to it. When I click on that drive it tells me that this area of my drive contains files used for system recovery. And that I should not delete or alter files in there. And that any change could prevent any recovery later.
Now, I’m no expert when it comes to viruses… but I just have this feeling that Avast! was just being overly sensitive. I’ve used other virus programs in the past, and at times they would detect viruses in completely innocent files.
Another reason I think the file is fine is that when I open Avast!'s virus chest… and look at the file in question… under ‘virus’ it says '–no virus–". It also says the last time the file was changed was 6/4/2002… which is before I bought the computer.
Anyhow… that’s my situtation. Now my questions…
If the file is truly a trojan, how would I know for sure? Also, if it is a trojan… has Avast! cured the problem by locking it away in the virus chest?
But. if it is ~not~ a trojan, can I put the file back where it belongs by clicking “restore” in the virus chest menu without it messing up my recovery partition?
I’m sorry, I know this is a little long-winded. But any advice would be TRULY appreciated!
–steve