Sorry for the double post, but I have leads on what has infected my system.
I checked the log file Avast4/DATA/log/Warning.log and here are the contents, with an annotation of when the crash occurred:
4/10/2011 1:02:27 PM 1302454947 SYSTEM 1340 Sign of “Win32:FakeAlert-AFC [Trj]” has been found in C:\Users\Dan\AppData\Local\Temp\axmonewcrs.exe" file
Crash occurred seconds after the previous warning.
4/10/2011 2:56:54 PM 1302461814 Dan 2036 Sign of “Win32:Trojan-gen” has been found in “C:\Users\Dan\AppData\Local\Temp\0.8766734525601846.exe” file.
4/10/2011 3:20:24 PM 1302463224 Dan 2036 Sign of “Win64:Alureon-B@mbr [Rtk]” has been found in “C:\Windows\MEMORY.DMP” file.
The last warning intrigued me when I found it just now. I told Avast to scan the latest memory dump file in my Windows folder and the same error comes up. Is this information useful to figure out what I should do?
Edit: Huzzah. Searching the forums for posts about Alureon led me to the Kaspersky tool for removing it from the MBR. This has made my system stable again. Of course, now my computer might still be completely compromised, so I need advice on how to ensure everything is clean! I need this computer to do sensitive work that I cannot afford to have exposed to malicious activity. The first thing I did once I successfully rebooted was upgrade to Avast 6 