Avast WEBforum
Other => Viruses and worms => Topic started by: arryb on March 13, 2009, 12:35:34 AM
-
I've just installed Avast - have been using AVG but didn't like it. And this has popped up:
(http://i262.photobucket.com/albums/ii83/ArryB_photos/ScreenHunter_001.jpg?t=1236804722)
What is it, and what do I need to do to get rid of it?
Any help much appreciated.
Thanks, Arry.
-
It is a pain as avast can't move it to the chest or delete it as it is an important, system file and it's likely to be protected. Some have reported if they rename the file to say user32SUS.dll and reboot, windows should replace it from the dll cache folder, but that a) requires that you have a copy of the file in that location, b) it is the same version and importantly c) that this option works as if it doesn't it might not boot. So I think the next option is the better one, but when working with system files there is always a risk.
There is a tool that by all accounts may be able to repair the infected file so it isn't being moved or deleted.
DrWeb CureIt! - See http://www.freedrweb.com/cureit/ (http://www.freedrweb.com/cureit/) - Download ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe (Free) Fairly effective against file infectors.
After running CureIt I would also suggest two other ant-spyware/malware applications.
If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
- 1. SUPERantispyware (http://www.superantispyware.com) On-Demand only in free version.
- 2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe), right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.