Avast WEBforum
Other => Viruses and worms => Topic started by: swips88 on September 22, 2011, 09:53:04 PM
-
After running Avast in boot mode on XP machine found what it thought were 30 infected files. I have been having trouble getting to the bottom of this so I had avast quarantene all these files. Now networking does not function at all. Previously I could not login to network drives or see Server shares or even see server. Now cannot even get on internet before I could.
machine had Alureon and Sirefef rootkit viruses
1 file Avast found bad was netbt.sys
also redbook.sys and p2p.dll
I tried copying these files from another machine and replacing onto infected machine but no improvement.
Netbios does not seem to load making network not function.
Event Log shows following services not loading:
TCP/IP NetBios Helper - error 1075 dependency service doesn ot exist
DHCP Client - error 1075
-
welcome to the forum.
what version of avast you using?
what files has avast flagged as malware? whats the location for that file?
upload that file to virustotal and post the result here so we can have a look on it and determent if it is false threat or not.
virustotal.com
-
If these detections were from a boot-time scan - Look in the C:\Documents and Settings\All Users\Application Data\Avast Software\Avast\report\aswBoot.txt file (XP location) C:\ProgramData\Avast Software\Avast\report\aswBoot.txt (Vista, Win7 location), check this file using notepad for info on the scan/detections, etc.
You should be able to copy and past the file name, location and malware name information for those detections.
-
So far I have not had time to look at this.
We decided to just take the machine off our network for now and replace with a new box. Machine was 6 years old so it was not really worth the time. Maybe when things are slow I will look further into the logs and get back here to post.