Hi,
I keep getting Avast notifications on the file smss.exe located in C:\Users<my user>\AppData\Local\Temp~temp\aiunml60
I keep deleting and it keep coming back.
I scanned it in VT (thank you guys for instructions!!) and received this report.
Any idea how to get rid of it?
Thank you for your help!!
If it keeps coming back, there is likely to be an undetected or hidden element to the infection that restores or downloads the file again. What is your firewall ?
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. SUPERantispyware On-Demand only in free version.
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Now if these make any detections on files not detected by avast, I would suggest uploading to VirusTotal for confirmation and if multiple scanners detect the file as malware, send a sample to avast, see ~~~~ below, before allowing the program to deal with it.
Send the sample to [b]virus@avast.com[/b] zipped and password protected with the password in email body, a link to this topic might help and undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn't already in the chest) where it can do no harm and send it from there. [i]A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that[/i].
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Thanks. I already downloaded and installed Malwarebytes. It did find 2 problematic files, but they were fixed and no longer reported.
I still keep getting the avast notifications.
SAS did not find any problems.
But what were the file names, malware name and locations, you can post the log file. That may provide some information to help identify what else may have been there.
Are you just using the win7 firewall ?
If so I don’t know if that has outbound protection enabled by default, and I would ensure that that file is denied outbound connections.
Kaspersky now detects this virus.You could try using there rescue disk. The link provides a download link and instructions. You will need to burn the iso as an image, there is also a link to imgburn and instructions.
Hopefully your pc is set to boot from cd, its worth a try
Study any findings very carefully before taking any action