Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ace624 on April 21, 2008, 06:05:51 PM
-
I have recently run a scan on my laptop and it told me that it found 2 trojan virus'. I have tried everything I know to do and it keeps telling me that the operation isn't supported for this type of archive. Here are the 2 virus' it found, the first one appears 3 times and the second only once.
Win32:Spyware-gen[trj]
Win32:Dialer-567[trj]
The first one appears in these files:
C:\Documents and Settings\Dell PC\Local Settings\Temp\syswcc32.exe\whAgent.exe
\whInstaller.exe
\webhdll.dll
The second on appears in this file:
C:\Documents and Settings\Dell PC\Local Settings\Temp\syswcc32.exe\whiehlpr.exe
-
:) Hi :
You do NOT have "Viruses", but other types of "Malware" ; do you have
any antiSPYWARE/antiTROJAN program(s), such as the FREE Version of
"SUPERAntiSpyware" from www.superantispyware.com on your computer ?
-
I suggest:
1. Disable System Restore and reenable it after step 3.
2. Clean your temporary files.
3. Schedule a boot time scanning with avast with archive scanning turned on.
4. Use SUPERantispyware (http://www.superantispyware.com) and/or Spyware Terminator (http://www.spywareterminator.com/) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
5. Test your machine with anti-rootkit applications (http://www.antirootkit.com/software/index.htm). I suggest avast! antirootkit (http://files.avast.com/files/beta/aswar.exe) or Trend Micro RootkitBuster (http://www.trendmicro.com/download/rbuster.asp).
6. Make a HijackThis (http://www.bleepingcomputer.com/files/hijackthis.php) log to post here or, better, submit the RunScanner (http://www.runscanner.net/) log to to on-line analysis.
7. Immunize your system with SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) or Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html).
8. Check if you have insecure applications with Secunia Software Inspector (http://secunia.com/software_inspector/).