win32:trojan-gen{upx}

Found today by avast thorough scan and put into chest.
How can I be sure that everything is clean - anything else I need to do?
Thanks
Peter

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.

Well, the thorough scan is, as its name implies, very thorough and it would be as clean as it could be based on its detection signatures, so you shouldn’t have to do anything further. Though avast does a good job in detecting adware/spyware, there are specialist anti-spyware applications that would complement avast’s detections.

These can be periodically run as a back-up scan (on-demand), some are resident (on-access) scanners to provide real-time protection. They shouldn’t conflict with avast.

If you haven’t already got this software try one (freeware), download, install, update and run it periodically.

  1. If using winXP SUPERantispyware On-Demand only in free version. Or AVG anti-spyware (formerly Ewido) Resident scanner during trial On-Demand after trial ends. Or Spyware Terminator Resident scanner. Or a-Squared free On-Demand only with free version (if using win98/ME).

Thanks - it was in a bit torrent that I decided I didn’t like.
I have spybot that I run regularly, but not convinced it catches everything - have just installed PC Tools Spyware Doctor (as one of your forum entries led me there). Will check out the other sites you pointed me at.
Many thanks
Peter

No problem, welcome to the forums.

I too share your concern about S&D; I feel it is becoming rather lightweight, though still useful, and as an on-demand scanner it doesn’t take up any resources other than disk space until you run it, assuming you don’t use the resident options. The ones I mentioned I feel provide better protection, as does Spyware Doctor, though I’m not convinced it is worth paying for given the quality of the freeware options about.

Hi,
I recently had this problem. AVAST detected that I have a trojan by the name of win32:Trojan-gen {UPX} in my c:\windows\system32\confi.exe.

How should I rectify the problem?

Please advise me. Thanks

Regards

EW84

Rectify? Seems an infected file…
To know if a file is a false positive, please submit it to VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
Another possibility is JOTTI. VirusTotal and Jotti both have file size limits 10 and 15MB each.

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be careful, you should ‘exclude’ that many files that let your system in danger.
After that, please, periodically check it - scan it into Chest, right clicking the file - there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected as being infected then you can also remove it from the Exclusion list.

This link is a tutorial on how to help correct a virus detection that you believe to be false:
http://forum.avast.com/index.php?topic=25009.msg204838#msg204838
or http://forum.avast.com/index.php?topic=7779.msg62586#msg62586

Hi ew84,

confi.exe - Dangerous
confi.exe
Confi.exe is W32.Lecna.H.
W32.Lecna.H is a worm that spreads by copying itself to mapped drives. It also opens a back door and may download potentially malicious code on to the compromised computer.
Related files:
%System%\AUTORUN.INF
%System%\confi.exe
%System%\Config.ini
%System%\Recycler.exe
%System%\uninstx.exe
%System%\keyvect.dll
%System%\netscv.exe
Read more: http://www.symantec.com/en/au/enterprise/security_response/writeup.jsp?docid=2007-082212-5844-99&tabid=2
Kill the process confi.exe and remove confi.exe from Windows startup

polonus
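
A read-only check for the related files, the startup entry and the process named in the post above, added here as an example and not posted by anyone in the thread. It assumes PowerShell 4 or later (for `Get-FileHash`) and looks only at the two standard `Run` registry keys; a file that merely has one of these names is not proof of infection, so the SHA-256 is printed for lookup on VirusTotal as suggested earlier in the thread.

```powershell
# Added triage example. File names are taken from the "Related files" list above;
# %System% is resolved to the Windows system directory. Nothing is deleted or changed.
$systemDir    = [Environment]::GetFolderPath('System')
$relatedFiles = 'AUTORUN.INF', 'confi.exe', 'Config.ini', 'Recycler.exe',
                'uninstx.exe', 'keyvect.dll', 'netscv.exe'

# 1. Which of the listed files exist (-Force also returns hidden/system files).
$found = foreach ($name in $relatedFiles) {
    $path = Join-Path $systemDir $name
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($item) {
        $hash = Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Path     = $item.FullName
            Size     = $item.Length
            Modified = $item.LastWriteTime
            SHA256   = if ($hash) { $hash.Hash } else { '(file locked, no hash)' }
        }
    }
}

# 2. Startup values in the standard Run keys whose command line launches confi.exe.
$providerProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$startup = foreach ($key in $runKeys) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($props) {
        foreach ($p in $props.PSObject.Properties) {
            # Match confi.exe as a whole file name, not e.g. "myconfi.exe".
            if ($p.Name -notin $providerProps -and "$($p.Value)" -match '(^|[\\"\s])confi\.exe') {
                [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $p.Value }
            }
        }
    }
}

# 3. Is a process with that name running right now?
$running = Get-Process -Name 'confi' -ErrorAction SilentlyContinue

"Related files present in ${systemDir}: $(@($found).Count) of $($relatedFiles.Count)"
$found   | Format-List
"Run-key entries referencing confi.exe: $(@($startup).Count)"
$startup | Format-List
"confi.exe process running: $([bool]$running)"
```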