I’m using vista home basic. right now in a middle of a scan and a virus was found. " Trojan horse" 000783-0,
in - Win32:Regdis-C [trj] file name is: c:\windows\installer.… then i move to chest as recommended but then i get a window saying: access is denied cannot proses then the details of the file. i press OK then the virus window comes up again and… I’m stuck! what should i do? how bad is it? I’m completely clueless… thanks!
Welcome to the forum.
In order to help you, we need the full name and path of the file in question.
The folder alone isn’t of much use.
Thanks
The file name is not shown, the .… indicates that there is more text but not shown.
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.
If you have XP or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php
Just make sure you only send the file to the chest as it leaves more options, restore if an incorrect detection, etc.
hi thanks!
i have vista home basic. the maware name is : win32:rgidis-C[trj] the file name, or what i can see of it, is:
C:\Windows\Installer{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99 - that’s all i can see.
i try to move to chest but then the other window pops up so i can’t really do anything that way.
i opened the log viewer and i don’t see anything there…
in the window that says: access is denied, cannot process, i can see more of the file name:
C:\Windows\Installer{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99\pro…
files\VistaCobecPack\ToolsMPEG.exe"file
does that help?
Yes it does. If that is a typo VistaCobecPack, should it not be VistaCodecPack?
If so see here and follow the suggestions posted there.
It could be a false positive…
This link is a tutorial on how to help correct a virus detection that you believe to be false:
http://forum.avast.com/index.php?topic=25009.msg204838#msg204838
or http://forum.avast.com/index.php?topic=7779.msg62586#msg62586
thank you everyone.
i was able to continue the scan only after i clicked on " continue" so the scan was done and two were detected but i guess the are not in chest. how can i know wether it’s a false alarm? how can i eliminate that virus? i don’t know much about computers.
so, your help is very much appreciated!
oh, one more question, how often should i have a scan?
thanks again!
Did you check the other post?
You can scan that file(s) at www.virustotal.com You have to know the entire file path though. Open the log by right clicking the “a” icon, select log viewer, click on the warning button. All detections will be shown. Expand the columns by sliding them left or right until you cam view the entire path. Post back the results.
i couldn’t copy the resalts and after expending still didn’t get the whole path. i did a schedule boot scan and the two detections came then i deleted them. then i did another scan and there were no detection.
did i do OK?
Well deleting isn’t a good first option, because if it where a legitamate file that was being falsely detected, then there could be problems. When you delete with avast, the file is gone forever. You are out of options.
For the future you can do the following if you can’t expand the columns enough.
Open the log viewer, click the warning button. At the top of the page click edit, filter. When that popup appears, in the lower section check both boxes beside the date, change the date in the top one to at leaset on day earlier. Make sure select defined lines is marked. Click OK. Then from the file button at the top, or the export icon, select export selected lines. Note pad will open, choose desktop for the destination(save in), name the file something you will remeber, click save. Now on your desktop you can open the file with notepad and you will see the full path.
thank you oldman,
I’ll do that. how often is it best to do the scan? what about the scheduled boot scan?
thanks a lot!
Once a week is more than enough if you let the resident always turned on.
Once a month to scan archive files also.
Generally, only if you have a scanning trouble (access denied, etc.) while in Windows.
If you’re paranoid, once a month is more than enough.
thanks a lot! you have been a great help for me!
this problem should be solved with new VPS… can you confirm that?