Earlier today avast blocked a malicious website. However, after running a quickscan, it has found one infected file. whenever I try to delete it or move it to the chest it says “Error: the specified file is read only (6009)” and when I try repairing it it says “Error: the process cannot access the file because it is being used by another process (32)”
I have also run Malwarebytes during and out of Safe Mode. It doesn’t find anything. I guess that means it’s not malware. But avast says it’s severity is high. I don’t really know what to do :-\
since this is a Siref infection …a nasty rootkit that we have seen lots of infections from here for several weeks, i recomend Essexboy to have a look inside
OK this looks new, I will need to run another programme check first
[*] Download RogueKiller and save it on your desktop.
[*]Quit all programs
[*] Start RogueKiller.exe.
[*] Wait until Prescan has finished …
[*] Click on Scan
OK 'tis different I will need to investigate the combofix log a bit deeper on completion
Download and Install Combofix
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks
I downloaded combofix but it saved to my downloads instead of desktop otherwise it just ran and it scanned and deleted some stuff, but now it won’t connect to the internet and an avast quickscan is taking a long time. I can’t attach the log since I can’t get on the internet on that computer. I’m borrowing someone’s right now.