Hello, this is my first time here.
My mother was alerted to a virus on her computer this morning and came to me for help. I don’t know what the pop up that appeared said since she closed it before getting me. I think it was picked up via a daily scan over the course of last night. I have no idea when or where she picked it up from. Attached are the log files created from following this thread: http://forum.avast.com/index.php?topic=53253.0
Thanks in advance.
The last of the log files and a screencap of the quarantined file.
What avast version is your mother using, avast 7 or avast 8 ?
I suspect this given its location HP folder and file name this may be legit file and a possible False Positive (see #### below). See http://www.backgroundtask.eu/Systeemtaken/taakinfo/29053/hpdobject.exe/ for information on the file.
Is your mother experiencing any other symptoms ?
If not it may be a little premature on the other logs, but one of the malware removal specialists can hopefully take a look at them. There may well be some delay due to differing time zones and availability of the volunteer malware removal specialists.
#### - This assumes it is avast 7, but the process is much the same in avast 8.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here, post the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to Open the chest and right click on the file and select ‘Extract’ it to a temporary (not original) location first, see below.
Create a folder called Suspect in the [b]C:[/b] drive. Now exclude that folder in the File System Shield, Settings, Exclusions, Add, type (or copy and paste) C:\Suspect*
That will stop the File System Shield scanning any file you put in that folder.
She is currently running Avast 7. I haven’t noticed any symptoms yet.
Given that avast doesn’t detect this on the virustotal scan and the only one that did was GData, which uses avast as one of its two scanners, it is most likely that this was an FP.
First ensure that you have the latest virus definition update - If you can open the avast chest and scan the file within the chest and confirm if it is still detected ?
If not you can Restore the file to its original location (right click on the file and select Restore), a copy of the file remains in the chest as a safety measure so you have a copy whilst doing this. Confirm that the file is back in the original location and you can manually delete the copy in the chest.