FileRepMalware

[REDACTED]

I download a file from the internet to my disk. When I open it asvast said FileRepMalware and delete it instantly (not moving into quarantine zone). I think that my pc has infected virus. And now sometimes avast just pop up and said some file of mind has been infected as FileRepMalware. I don't know what's that do, and it just delete it instantly again. I have to turn the shield off now. Anyone have an idea to fix this ? I can't just wait to let the avast (or actually virus, i don't know) keep deleting my documents. Thank you

[Asyn]

Attach your basic logs. (MBAM, FRST and aswMBR..!!)
Instructions: https://forum.avast.com/index.php?topic=53253.0

[REDACTED]

Here it is

[REDACTED]

Please help me, my computer is currently in danger now

[essexboy]

Could you attach a screen shot of the Avast alert

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?affID=119716&tt=gc_&babsrc=HP_ss&mntrId=A4EF1C659DF1A8F1", "hxxp://www.laban.vn/?utm_source=ssh&u=921f38e592d1cc56a8ea2244cda5408d30a1", "hxxp://www.google.com/", "https://www.google.com/"
C:\ProgramData\hash.dat
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.
  

[REDACTED]

Here's the image

The "virus" seems to be infecting the executable file only, this makes me starting to suspect this virus as Sality.
I'm doing your solution now, hoping it'll work. Thank you

[essexboy]

I saw no indication of sality, but if you wish we will check that out next 

[REDACTED]

Ok this is the fix log file
I'm running AdwCleaner and hope this will work.
Thank you for the result, just glad to hear my computer not infecting the sality
Please check that deep, I'm still sad because some of my important documents are gone
And a question please: I've seen, the other virus avast will block it from running and move it to the chest, but, why with this "virus", avast instantly delete the file without any asking.

[REDACTED]

This is the log for AdwCleaner
Now can i turn on the avast shield ?

[essexboy]

Filerep means it is a new or rarely used file that Avast has no information on

This programme will generate a zip file which I will need.  This will either need to be uploaded to a file sharing site like mediafire  https://www.mediafire.com/ ar placed in your public dropbox if you have it for me to collect

Download AVZ tool from here to your desktop
Unzip all files to a folder on your desktop
Open the folder and double click the AVZ icon
When the tool opens select "File" > "Standards scripts"


Place a tick in :

  3.   Advanced  System Analysis with malware removal mode enabled
5. Update signature database

Then press "Execute selected scripts"


There will be several warnings, OK them all and the system will reboot on completion of the analysis

After the reboot look in the folder AVZ4 on your desktop
Open the LOG folder
Attach KL_syscure.zip to your next post