Author Topic: New user  (Read 10700 times)

0 Members and 1 Guest are viewing this topic.

rabind

  • Guest
New user
« on: April 27, 2005, 07:39:57 PM »
I am a new user and used the avast anti-virus yesterday. When a worm/virus was detected, it was recommended that I send it to the virus chest. Upon doing that I got the message that "virus chest is not operational. RPC com failed." Also got the message Virus Recovery Database VRDB) not done yet.
After downloading the Avast I did as told as best as I could to follow the recommendations. What do I have to do now?

By the way the virus Netsky was found topgether with 4 Trojans ie.
Win 32: Hackarmy
Win 32: Loony-G
Win 32-RPC Exploit
Virus/Worm - Win 32: Kuang 2

I am not sure if they were eliminated.
Would really appreciate some help.
Thanks




Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: New user
« Reply #1 on: April 27, 2005, 07:57:22 PM »
Did you reboot after installing?

Avast usually tells you that you need to reboot and asks if you want to schedule a boot-time scan.

Reboot and try again.

Run a scan. If Avast! finds a virus in memory it will ask if you want to schedule a boot-time scan. Accept and reboot again.

You could also try to schedule a boot-time scan before you reboot.

Either way you're going to have to reboot before Avast! functions correctly.

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: New user
« Reply #2 on: April 27, 2005, 10:33:29 PM »
"virus chest is not operational. RPC com failed."
Well, just from the beginning something is wrong into your avast installation.
Can you repair it?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove
Then choose Repair function in the popup window (Repair).
You must be connected to the internet while repairing.

Also got the message Virus Recovery Database VRDB) not done yet.
This is normal as you've just installed avast and VRDB could not have time to be generated.
It will only worth if you do it when your computer is safe and clean.

I am not sure if they were eliminated.
Try the scanning suggestions of Frank.
The best things in life are free.

rabind

  • Guest
Re: New user
« Reply #3 on: April 28, 2005, 06:09:41 PM »
Hi FF

Thanks for your response.
I read up other posts in this Forum and decided that my installation was corrupt. So I uninstalled and reinstalled, and it looks alot better now.

Followed your advise and rebooted after installing. Thanks.

rabind

  • Guest
Re: New user
« Reply #4 on: April 28, 2005, 06:42:33 PM »
Hi Technical

Thanks for your response.

I could not repair as the repair button was not there, due to my download/installation being corrupt as per to FF above.

VRDB is OK now.

I don't know how to reply properly, I find this interface quite difficult, but I need more help from you and FF:

1.  Upon the reinstallation, there were the two icons in the SystemTray. But after I started my computer again after a few hours, the icons are gone. I am worried now if the scanner is still actively protecting my computer. Went to Start/RUN/msconfig, to enable it, but couldn't find Avast there. What can I do to have it in the systems tray? Went to Start/RUN/services.msc, and saw that Avast is enabled on Automatic. So it may be on, but I am not too sure. I do need it in the systems tray for reassurance.

2.  How shall I configure Avast for the best/max protection?

3.  During the scan the Kuang2 virus/worm was still found in two instances, and I followed the advise and placed it in the Virus Vault. Do I leave it there or can I eliminate it from there?

4.  In the report/logs, it was stated that "Unable to scan: Archive is password protected"
Quite a large number of files in that category. I don't remember placing any password. How can I remove the password?  Quite alot of the files are:
 C:\Documents and settings\All Users\.....\sbRecovery.ini

Thanks







Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: New user
« Reply #5 on: April 28, 2005, 10:28:35 PM »
http://www.securityspace.com/smysecure/catid.html?id=10132

I found this reference to Kuang2 being able to hide icons, which is worrying.

I suggest you tell us more about your operating system, have you got a firewall and were you using an anti-virus program before avast!? That could be important.

I suggest you download Trend Micro Sysclean and a firewall program (e.g. Zone Alarm) if you don't have one. Disconnect from the internet and do a boot-time scan with avast! and a scan with Sysclean as a double check. Also run Ewido and TDS-3 at the same time you run Trend and avast! to check for Trojans.  Install a firewall (if you didn't have one) and reconnect to the 'net.

Edit: Kuang is a backdoor program and allows somebody access to your computer. Don't trust any ONE program to clean it afterwards. Symptoms of a computer compromised in this way can be interference with anti-virus programs. A scan with one anti-virus product is unlikely to clean up such a system, in fact a complete system restore may be necessary to guarantee returning control of yourself.

I would like to see you rule out such a possibility before you continue. TDS-3 is good at finding Trojans etc that an anti-virus program may miss. (Don't forget to download the update file.) Also use Process explorer to check for suspicious running processes. If you find no malware running processes you can relax a bit, but I suggest Trend and Ewido as a double check.

But also remember the word of The Book: DON'T PANIC!

If you have been using a firewall and anti-virus, all of this could be irrelevant, and your system could already be clean.

Report again.

« Last Edit: April 29, 2005, 10:04:28 AM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: New user
« Reply #6 on: April 29, 2005, 03:40:40 AM »
1.  Upon the reinstallation, there were the two icons in the SystemTray. But after I started my computer again after a few hours, the icons are gone. I am worried now if the scanner is still actively protecting my computer. Went to Start/RUN/msconfig, to enable it, but couldn't find Avast there. What can I do to have it in the systems tray? Went to Start/RUN/services.msc, and saw that Avast is enabled on Automatic. So it may be on, but I am not too sure. I do need it in the systems tray for reassurance.
Click 'Control' in my signature and download avast! External Control.
There you will find how to get your icons back, restarting and enabling avast! protection.

2.  How shall I configure Avast for the best/max protection?
Depends... First, have avast! working with the default configuration, learn, browse the forum, read something in the help files.
When you get more used to the fantastic configuration power of avast! we can talk more  ;)

3.  During the scan the Kuang2 virus/worm was still found in two instances, and I followed the advise and placed it in the Virus Vault. Do I leave it there or can I eliminate it from there?
Virus Chest is safe. Let the file there at least for 30 days... it won't harm your computer and you'll be sure you don't need that file (could be, in some cases, a system must have file...  :-[).

4.  In the report/logs, it was stated that "Unable to scan: Archive is password protected"
Quite a large number of files in that category. I don't remember placing any password. How can I remove the password?  Quite alot of the files are:
 C:\Documents and settings\All Users\.....\sbRecovery.ini
These files are passworded by SpyBot. They're clean and safe but if they're not passworded they will be detected as malware. Spybot encrypts its files to protect you. Don't worry, password protected files won't harm your system. If they are open, avast! will caught them...

Read more here: http://forum.avast.com/index.php?topic=13117.msg110572#msg110572
The best things in life are free.

rabind

  • Guest
Re: New user
« Reply #7 on: April 30, 2005, 09:33:27 AM »
Hi FF

Thanks for all your good help.

http://www.securityspace.com/smysecure/catid.html?id=10132

I found this reference to Kuang2 being able to hide icons, which is worrying.

I had a look at it. It is worry ing alright.


I suggest you tell us more about your operating system, have you got a firewall and were you using an anti-virus program before avast!? That could be important.

Mine is a 10 month old NEC 2.6Gz computer came pre-installed with XP Home. I've been using the free version AVG anti-virus for several years with no problems. Updates are automatic.
For spyware, I have been using Ad-aware, Spybot, CW Shredder, SpywareBlaster, and MSAntiSpyware. I do these quite regularly.
For Firewall i have been using Kerio free Home version also for several years with no problems.

But also remember the word of The Book: DON'T PANIC!

No. I won't panic. I have your good support, and easy to understand instructions for a newbie like me.

I did a boot-time scan again - No infected files.

I did the complete scan again - No infected files.

Shall I set the Resident Scanner from Standard to High?
I am worried if I do, I may be restricted from some web sites and other constraints.

Also on AVG I was told by MS Newsgroups Gurus to disable email scanning as it does not really scan emails and causes problems to my Outlook Express Inbox. What about in Avast. Is there email scanning and do I have to disable it?

Because of the absent icons in the Systems Tray, I have AVG still running and possibily Avast too. No problems so far, but I know I will have to disable AVG when I am sure Avast is running. I do appreciate that Avast is much more superior.

Anything else I have to do?
TIA 



















rabind

  • Guest
Re: New user
« Reply #8 on: April 30, 2005, 09:49:24 AM »
Hi Technical

Thanks for all your good help.

>Click 'Control' in my signature and download avast! >External Control. There you will find how to get your icons >back, restarting and enabling avast! protection.


Where do I find Control and External Control? Couldn't find it.
In addition to the icons being gone, the 'click to hide' facility is also gone. Now all the icons in the systems tray are showing, with no means to hide most of them as before.

I've tried to bring your quotes into my reply, but I cannot get them into the blue box like in your reply. How do I do that?
Simple explanations please.
TIA

















Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: New user
« Reply #9 on: April 30, 2005, 01:32:42 PM »
Hi Rabind,

I think your problem is unlikely to be an infection, as you've been using an anti-virus program and a firewall. I have seen some references on the forum to a possible false positive with Kuang2, so it might even have been that.

I think your problems with the missing icons probably arises from using two anti-virus programs at the same time. The two programs conflict and neither works correctly.

In my opinion at least, avast! is now a better program than AVG. I suggest you uninstall AVG and continue with avast! In any case you must install one.

I use avast! with Thunderbird, so I can't comment on Outlook Express. To be honest, my ISP has never let through a virus anyway. (Edit: Avast! does scan incoming emails. If you don't want this, you can turn off the Internet Mail 'Provider', although removing an extra layer of protection is not recommended!)

I'm not sure what difference switching resident scanner from standard to high makes, but it won't restrict which websites you can view. Webshield will prevent any viruses being downloaded when browsing, but it doesn't usually prevent a site from being viewed, only the virus from downloading. You are more likely to find that SpywareBlaster has put constraints on your web browsing (if you use Internet Explorer): you will not be able to download from sites it has put in the Restricted Zone. Spybot Search & Destroy also has an option to put sites in the host file, and if you have done that, you will not even see these sites. In both cases, the restrictions and constraints are there for a good reason!
« Last Edit: April 30, 2005, 04:05:19 PM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: New user
« Reply #10 on: April 30, 2005, 01:56:38 PM »
Click 'Control' in my signature and download avast! External Control. There you will find how to get your icons back, restarting and enabling avast! protection.

1. Download AEC: http://forum.avast.com/index.php?topic=13149.0 or visiting www.excessive-software.tk
2. Choose the option avast! Tweaker (the second line)
3. Click on 'Show tray icon'
4. Apply changes. Maybe you have to boot to make them effective
« Last Edit: April 30, 2005, 07:57:36 PM by Technical »
The best things in life are free.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: New user
« Reply #11 on: April 30, 2005, 03:34:40 PM »
rabind
It's perfectly OK to answer more than one person in a single post. ;D
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

rabind

  • Guest
Re: New user
« Reply #12 on: May 03, 2005, 06:44:40 PM »
Hi bob

>It's perfectly OK to answer more than one person in a single >post.

Thanks


Hi Technical

Did download AEC and did as you told. But as usual the icons would be there for a while only to disappear later. The file too:
C:\My Download Files\Alwil Software\Avast4\ashDisp.exe
would be in Startup of System Configuration Utility and checked. When the icons disappear, so too would the file in SCU. Anyway I can place the file back there?

I had laboured the whole of Labour Day, trying without success. I even uninstalled and reinstalled twice. Today was a better day. The icons remained for the whole day, but disappeared an hour ago.

Tried your previous advise:
>Go to Control Panel > Add/Remove programs > avast! >antivirus > Remove
>Then choose Repair function in the popup window (Repair).
>You must be connected to the internet while repairing.

I do not see the "Repair" button there. Only "Change", "Uninstall", and "Update". Anyway of having the Repair facility? Mine is a cable "always on" connection to the Internet.
TIA



Hi FF

>Spybot Search & Destroy also has an option to put sites in >the host file, and if you have done that, you will not even >see these sites.

I did not do that. I am not good at Hosts files so I don't touch it.  

I did a "Thorough" scan today. No infections found. And no icons too!! :-)

Thanks for all your help.


















Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: New user
« Reply #13 on: May 03, 2005, 06:55:55 PM »
Hi Rabind,

You said previously that you have AVG on your computer, but you haven't said if you have uninstalled this.

Just to confirm, are you only running one anti-virus program now? Two running at the same time could conflict and cause problems.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: New user
« Reply #14 on: May 03, 2005, 09:52:20 PM »
C:\My Download Files\Alwil Software\Avast4\ashDisp.exe
I even uninstalled and reinstalled twice.
Do you always use the same installation folder or you've installed avast in more than one folder?

I do not see the "Repair" button there.
Isn't it on the bottom of the left side column? If not, it's weird and stange...
Are you connected to the Internet while trying to update?

I did a "Thorough" scan today. No infections found. And no icons too!! :-)
What about AVG or any other antivirus?
The best things in life are free.