Author Topic: virus found (Read 8355 times)

sweets · « **on:** June 23, 2008, 01:12:42 AM »

After you send an infection to the virus chest as recommended then what do you do with it, leave it there or something else?
I am getting this virus-worm message every time I go to my yahoo account and am told to go offline, what am i supposed to do?
Thank you.
Avast 4.8 Home Edition

Tarq57 · « **Reply #1 on:** June 23, 2008, 01:21:35 AM »

It can do no harm in the chest, and can stay there as long as you want.
Sending to the chest (rather than deleting) is a very good idea. In the event it was a false positive, you can later restore it.
Personally, I investigate all detections. (Virus/malware name, scan at Virustotal or similar) with the object of (a) seeing if it's a false positive, and if not (b) putting the PC through a more thorough cleanup, like a boot scan, and a spyware scan.
If, after a week or three, it still scans positive in the chest and the computer is running well, it can safely be deleted.

sweets · « **Reply #2 on:** June 23, 2008, 01:25:48 AM »

But every time I go to my yahoo account I get thie message that a virus-worm has been found there. Am I to stop going to my account?
Do I wait 2 to 3 weeks then scan the virus chest? How exactly do I go about scanning the virus chest? I mean what buttons do I push please? & thank you

alanrf · « **Reply #3 on:** June 23, 2008, 02:00:36 AM »

Please see this post. A fix is on the way

Chim · « **Reply #4 on:** June 23, 2008, 02:13:49 AM »

Quote from: Tarq57 on June 23, 2008, 01:21:35 AM

It can do no harm in the chest, and can stay there as long as you want.
Sending to the chest (rather than deleting) is a very good idea. In the event it was a false positive, you can later restore it.
Personally, I investigate all detections. (Virus/malware name, scan at Virustotal or similar) with the object of (a) seeing if it's a false positive, and if not (b) putting the PC through a more thorough cleanup, like a boot scan, and a spyware scan.
If, after a week or three, it still scans positive in the chest and the computer is running well, it can safely be deleted.

Hey, there, Tarq ... just a little curious. Isn't that Threatfire you're using ... an Anti-Virus? It's never caused you problems working along side avast! at the same time?

Anyway, speaking of moving Infected Files to the Virus Chest, I was wondering, has anyone ever had disaster strike after seemingly harmlessly by procedure moving an Infected File to the Virus Chest? True, some Files one can tell by the File Path / Filename that nothing or at least nothing drastic is likely to happen by moving the File to the Virus Chest. But, I sometimes wonder with the more esoteric, perplexing Files whose purpose is NOT remotely clear ... whether I'm gonna suddenly POOF! Encounter a Big Ole BLACK or BLUE Screen or No Boot or who knows what other disaster by inadvertently having moved a VERY important File to the Virus Chest. What's the risk of that happening?

sweets · « **Reply #5 on:** June 23, 2008, 11:45:33 AM »

If I click on Virus Chest it says "Open Chest". Will that release any virus-worm that is located there? Obviously I don't want to do this and am being cautious.

How do I scan the contents of the Virus Chest?

I am no longer getting the virus-worm alert when I go to my yahoo.com. Has the issue been resolved?

I am not getting email notification of replies to my posts. How do I program my control center to get this? Your control center is a bit confusing.

Please answer all questions & thank you.

Tarq57 · « **Reply #6 on:** June 23, 2008, 11:52:10 AM »

Quote

Hey, there, Tarq ... just a little curious. Isn't that Threatfire you're using ... an Anti-Virus? It's never caused you problems working along side avast! at the same time?

Threatfire and Avast seem to play well together. (Both apps. separately seem to get on with a lot of others, too. They're both independently and together remarkably tolerant of other valid security apps.) Although the Windows Security Centre actually recognizes Threatfire as an AV, technically its operation is somewhat different, more of a behaviour monitor/blocker, that includes malware signatures as part of its MO.

Quote

Anyway, speaking of moving Infected Files to the Virus Chest, I was wondering, has anyone ever had disaster strike after seemingly harmlessly by procedure moving an Infected File to the Virus Chest? True, some Files one can tell by the File Path / Filename that nothing or at least nothing drastic is likely to happen by moving the File to the Virus Chest. But, I sometimes wonder with the more esoteric, perplexing Files whose purpose is NOT remotely clear ... whether I'm gonna suddenly POOF! Encounter a Big Ole BLACK or BLUE Screen or No Boot or who knows what other disaster by inadvertently having moved a VERY important File to the Virus Chest. What's the risk of that happening?

I've had a minor disaster in the past, not with Avast - but I think that maybe the brand of AV may be somewhat irrelevant - and I'm not sure whether it was moving a file/deleting a file or a reg clean that was responsible.
You're not speaking with an expert, here, so I actually don't know what the chances are, but I would think they are small. It would have to be a fairly vital and far-ranging file to be deleted to give blue screen type symptoms, or similar, and I doubt any of the AV vendors would be likely to have that FP in their definitions. (As an aside, Norton did, a few months ago, and it had the interesting side effect of crippling all the Windows machines, running XP I think, but only if they were not validated (ie pirate, or not updated for quite a while), and only those running Chinese language Windows. Results can be imagined. They apologized, and put it right a day or two later. A bit late for the several thousand users who just happened to have misplaced their XP disks.)
These days I so seldom get malware that my first reaction when it's flagged is to quietly investigate the file first. Usually it turns out to be a false detection, picked up by one of my spyware scanners. Doesn't happen often. Doesn't bother me that it does. I'd rather the occasional FP than the occasional real baddy missed (if that's the choice.)

Tarq57 · « **Reply #7 on:** June 23, 2008, 12:09:52 PM »

Quote

If I click on Virus Chest it says "Open Chest". Will that release any virus-worm that is located there? Obviously I don't want to do this and am being cautious.

You can open the chest without releasing the curse. The inmates can't get out unless you unshackle them.

Quote

How do I scan the contents of the Virus Chest?

In the "infected files" section of the chest (because the other sections only contain system files, or files you put there yourself), right click on the file concerned, and from the context menu that appears select "scan file".
(From the same context menu you can "unshackle the inmates", if you choose to. Or delete them.Or do nothing. No need to rush or be nervous. These files are harmless in the chest.)

Quote

I am no longer getting the virus-worm alert when I go to my yahoo.com. Has the issue been resolved?

Did you look at the link alanrf posted? Appears it has, with a recent VPS update.

Quote

I am not getting email notification of replies to my posts. How do I program my control center to get this? Your control center is a bit confusing.

Select "Profile", and on the left "notifications and email", and make the selections you want. All three boxes ticked should do the job. 'S just that you're not used to this particular forum layout.
See picture.

sweets · « **Reply #8 on:** June 26, 2008, 09:57:19 AM »

So I scanned the 3 "infected files" in the virus chest after being there for several days as you suggested but got no real information. The message after the scan said, "scanning of selected files, action was completed". What does this mean? What should I do next? If you recall these so called infected files occurred every time I opened my Yahoo account several days ago. Thank you

alanrf · « **Reply #9 on:** June 26, 2008, 10:13:29 AM »

I referred you to a post that quite plainly said that the yahoo.com findings were a false positive and were very quickly corrected by the avast team. This information was reported in the forum.

Your files were not infected - it was a false alarm. Your current scans of the files are not reporting a problem.

Without knowing what these files are it is hard to judge if they still have value to you.

Can you advise us of the names of the files?

sweets · « **Reply #10 on:** June 26, 2008, 11:10:02 AM »

Here are the names of the files in question:
yahoo[1].htm C:\Documents and Settings\Sweets\Loc... 6/19/2008 6:09:27... --no virus
yahoo[1].htm C:\Documents and Settings\Sweets\Loc... 6/22/2008 11:16:0... --no virus
yahoo[2].htm C:\Documents and Setings\Sweets\Loc... 6/22/2008 10:15:3... --no virus

Can I safely delete the above in the chest?

Also, how come I have to go thru a memory test before I can open & view the contents of the chest?
I have to right click the little "a" at the bottom right, choose "Start avast antivirus" & wait for a memory test before I can view the contents of the chest

alanrf · « **Reply #11 on:** June 26, 2008, 11:23:00 AM »

The memory test is a choice - it is a safety measure. You can click on "Stop Memory Test" and in the Program Settings for avast you can tell avast not to run the memory test if you wish to decide to override it. There is also a modification to avast that will allow you to access the chest directly from the "right click" menu rather than going through the "Start Antivirus" - please advise if you want more details.

It would appear that the files in question were Yahoo html (Web) pages that you were attempting to access at the time the false positives were being reported.

The chances are that they are now of little value to you. The full location of the files is not given in your post but I suspect the file location is your temporary Internet cache location. If that is so then you can safely delete these files form the chest now.

sweets · « **Reply #12 on:** June 26, 2008, 11:54:56 AM »

Thank you

It's not that I wish to stop the memory test. I would like to be able to access the rectangular panel that contains the scan selection & the virus chest without first having to go thru a memory test first. Can you tell me how alter or to access the program so that I can pull up the panel first without having to do a memory test first. For instance I would like to be able to do a full scan first or access the virus chest, etc.

I will safely delete the three files in the virus chest now if that's ok. That was the only information other than the time I put them into the chest available.

alanrf · « **Reply #13 on:** June 26, 2008, 12:07:45 PM »

Whether to run the memory test or not is the first option in the "Common" panel of the avast Program Settings. If you uncheck it then the memory test is skipped when you click on "Start avast! antivirus".

sweets · « **Reply #14 on:** June 26, 2008, 12:20:00 PM »

Is it a good idea to run a memory test first? I leave it to you as the expert.
I would like to be able to right click something immediately and do a full scan just after an update without changing the program at all. Can you tell me how to do that with the 4.8 Home Edition version? thanks

Author Topic: virus found (Read 8355 times)

sweets

virus found

Tarq57

Re: virus found

sweets

Re: virus found

alanrf

Re: virus found

Chim

Re: virus found

sweets

Re: virus found

Tarq57

Re: virus found

Tarq57

Re: virus found

sweets

Re: virus found, scanned infected files got no information

alanrf

Re: virus found

sweets

Re: virus found

alanrf

Re: virus found

sweets

Re: virus found

alanrf

Re: virus found

sweets

Re: virus found