Okay,
I’ve got a virus. I’m looking at the top stickied thread, and I’ll try to provide the information requested for help.
Check if the Worm or Virus is included in the list of malware that the avast CLEANER can remove: http://www.avast.com/i_idt_171.html
Tried, but the link is dead.
- What WIN do you have ? Are all ServicePacks and Windowsupdates applied ? Please CHECK !!
What name does avast give the virus (e.g. like: “Win32:Netsky-P [Wrm]” ) ?
Where exactly was the infected File found (full path/folder/filename, e.g. like c:\Windows\system32\virusfile.exe) ?
You’ll get this info from the Alert/PopUp window or from avast’s report/Log-files. If you can’t start avast, look for the info in the logfiles in the avast (sub-)folders and
in the EventLog of Win XP / 2000: Controlpanel → Administration → Event-log
-Windows XP Home Edition Version 2002 Service Pack 3
-Win32:Daonol-P[Trj]
-c:\windows\RYQAAWR.DVX and a few dozen variations of this, all in c:\windows. By variations, I mean all starting with c:\windows\ryqaawr.dvx, but having different numbers of x’s at the end. E.g. -c:\windows\RYQAAWR.DVXX, -c:\windows\RYQAAWR.DVXXX etc.
Background. Mcafee was using up so many system resources, the computer was just about unusable. I uninstalled it, planning to install Avast. Stupidly, I waited like a week, and suddenly:
-I started clicking links from search results, and occasionally instead of going to the page I had clicked, I got redirected to another site.
-Decided to check AV sites, but was blocked from accessing them.
-Tried to download Avast through download.com, but couldn’t download.
-Managed to download Avast through a different server and install.
-Avast didn’t find the virus.
-Tried to download most recent database through the Avast interface, but got 501 errors.
-Downloaded most recent database from the Avast website, and got Avast updated.
-It then began finding the virus every time I started a new program.
-I scanned, and it found the virus several times during the scan.
-In all cases, when Avast has found the virus, I’ve added it to the chest. There are now 60 files in the chest.
-There are 20 versions in c:\windows (just looking through Windows Explorer)
I’m wondering:
a) if i can find out what type of damage this particular virus can do/has done
b) find a way to clean it.
I uploaded one of the files in c:\windows to virustotal.com, and have a report. I can post it here, if that makes sense.
Very appreciative of anyone who can help me out.