windows effected with Win32 lecna.d

after i quaratined all viruses using avast, and each time i start windows and to the internet, avast on-access protection will detect my pc try to connect to 1 URL, and avast antivirus will prompt a message to abort the connection.

why my antivirus still detect this miscellaneous activity if i already scan and quaratine the effected file. I also scan my pc using spyware program (spybot) and it not detected anything.

any suggestion from the expert?

Hi ffg30,

What is your operating System?

Do you have a firewall up?

I recommend a scan with a-Squared anti-Trojan:

http://www.emsisoft.com/en/software/free/

If you still have problems, can you post a HijackThis! log for us to look at?

http://www.bleepingcomputer.com/tutorials/tutorial42.html

Thanks.

Do you have a firewall, if so what ?

The firewall should be what blocks unauthorised outbound internet connections, avast is obviously catching what it is trying to download when it is coming back in. You would appear to have a trojan downloader on your system.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

  1. Ewido, a.k.a. avg anti-spyware If using winXP. or a-Squared free if using win98/ME.

Spybot is getting a little long in the tooth and I believe it is less effective than it used to be and I have recently uninstalled it to try other options, see my signature for my anti-spyware programs.

hi guys,

my pc using win XP. FYI, i dont have any special firewall in my pc except avast antivirus and all setting in high mode for on access protection.

I will try the suggestion, and if still cant solve the problem, i will post HijackThis log.

Thank you. Really Appreciate.

FFG30.

Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.
Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.