Virus and some more problems

Hello guys!

Didn’t found nothing using Search option, so i want to ask here.

It’s first time im using avast! a/v, so i have a couple of questions.

I had to install a/v program, cuz i got a serious problems with my pc (caught a virus). I did “format c:” operation already, but it didn’t helped me to fix that problem. PC is chasing, some apps don’t want to work, if i was trying to open any page with a/v program (was trying to download) - it closes immideatly (i think virus is doing it). I got some screen shots of files that avast! keeps in it’s Quarantine folder. That files apears in [b]c:\docume~1\oleg\locals~1\temp[/b] folder. Im trying to delete em, but they apear again after reboot.

I wanted to ask You guys, what a Red Mark on avast! icon in system tray means? As i understand that a/v stoped and not monitoring my pc, right? That mark apears every time after “Gray Screen”. I bet you know what “gray screen” im talking about (showing that something is trying to stop/shutdown my avast! protection system (as i understand it)).

While was making a topic, another avast! alert http://img186.imageshack.us/img186/6307/48780437qn0.jpg

Im fighting this problem for 2 days already. I hope that You guys will be able to help me fix that problem.

P.s. - sorry for my bad english.

Best regards, Oleg.

I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on.
  4. Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

We will need more information to be able to help you:

  • Which OS are you using? Is it up to date?
  • Do you use a firewall? Which one?
  • Do you have any other antivirus installed in your system? Did you have in the past?
  • Any other security programs that could interfere?

Im suing Win XP Proff SP2,

Yes, i have firewall - Tiny Personal Firewall Pro,

No, only avast! 4.8 Home Edition,

No other security programs.

Other information i’ll give a little later. Need to do all the things that You said.

Best regards, Oleg.

I just used ALL programs that You recomended me and im still getting avast! messages “trojan found”

PC slows real bad.

That’s what TrandMicro saying:

±---------------------------------------------------
| Trend Micro RootkitBuster
| Module version: 2.2.0.1014
±---------------------------------------------------

–== Dump Hidden MBR and Hidden File on C:\ ==–
No hidden files found.

–== Dump Hidden Registry Value on HKLM ==–
No hidden registry entries found.

–== Dump Hidden Process ==–
No hidden processes found.

–== Dump Hidden Driver ==–
No hidden drivers found.

Other programs that i used founding a few trojans and bad files, removing em - but still getting messages from avast! that i got trojans.

Dunno what to do…

All programs are saying that i have no spyware/trojans/viruses.

…still getting avast! messages… :-\

Any1 help me?..

To know if a file is a false positive, please submit it to VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
Other possibility is JOTTI. VirusTotal and Jotti both have file size limit of 10Mb.

This will tell us why avast is the only one which is alerting about that files.