Hi there!
From time to time I get the following virus alert which, thanks to Avast, I can block before entering my PC.
However, I do not understand why it continues to pop up on a regular basis, say, weekly at least.
Is there something more I can do? ???
I enclose snapshot.
Thank you
Alex
Since it is web shield alerting you, you are either getting it by visiting the same site or you have a downloader on your computer.
I’ve had downloader that avast didn’t detect, though web shield did pick up the trojan that it was attempting to download.
I’d suggest an online scan with kaspersky, mcafee, panda or any other online scanner you use. I found the one I had with mcafee.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.
These are more specialised in the anti-spyware and may well detect any possible trojan downloader on your system. If one of them does (I would suggest avg anti-spyware first), please send a sample to avast so that it can analyse it and update the VPS before taking any action to quarantine or remove it.
Send the sample to virus@avast.com zipped and password protected with password in email body and false positive/undetected malware in the subject. Or you can also add the file to the User Files (File, Add) section of the avast chest and send it from there (right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.
Hi,
I have just sent the report from the avast chest file.
Please, let me know if you need any addition info.
Thank you
Alex
If you have emailed from the virus chest that should be fine as it (I feel) gives it more of a priority over the other 4000 plus emails that are received every day since those sent from the chest are filtered.
You will normally only be contacted by avast if they require any more information, note, I’m just an avast user like yourself.
After I have destroyed the virus win32.downloader there was a file named dllhost.exe. this file prevented the use of taskmanager and the commands cmd and regedit didn’t work.
I found the file dllhost can be killed just in one way: start windows. Before the start is completed hit str+alt+rem. the taskmanager opens. you can see all loaded actions. stop the dllhost.exe. thereafter you can delete the file dllhost.exe.
Care should be taken as dllhost.exe is also the name of a windows file, which lives in the windows\system32 folder and possibly windoes\servicepackfiles\i386 folder http://www.liutilities.com/products/wintaskspro/processlibrary/dllhost/. If located elsewhere then it is likely to be malware.
Did you send a sample to avast before deletion ?