Author Topic: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!  (Read 10510 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84754
  • No support PMs thanks
Re: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!
« Reply #15 on: July 09, 2007, 05:44:18 PM »
Assuming you were able to find it (probably long gone by now due to the processes you have run), adding it to the avast chest will not release it into the system, the avast chest is a protected area where the malware can't get out nor anything (other than avast) get in and execute any file stored there.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.2.2455 (build 21.2.6096.648) UI 1.0.608/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!
« Reply #16 on: July 09, 2007, 07:56:23 PM »
When should I reable my system restore?
After you're clean or at any time now... if it gets infected, just redo the process: disable than enable. This deletes the infected restore points left behind.

Should I keep all the other protection softwares?
They won't harm, on contrary 8)
The best things in life are free.

Offline mauserme

  • Massive Poster
  • ****
  • Posts: 2475
Re: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!
« Reply #17 on: July 10, 2007, 05:39:32 AM »
The paths to the quarantined files are

C:\Qoobox\Quarantine\C\DOCUME~1\xxx\APPLIC~1\hidires.vir\hidr.exe

C:\Qoobox\Quarantine\C\DOCUME~1\xxx\APPLIC~1\hidires.vir\rosa.sys


I don't know if you will be able to copy these to the avast! chest without moving them out of the ComboFix quarantine (and I would advise against it).  But if you can do it while leaving them where they are please do.

When you're finished trying that post the results of your efforts - I would like to clean these infected backups and remove some of the specialized tools we used.  We should also clean your restore points and talk a bit about a firewall.

In your HijackThis log there are 2 lines that seem to be related to the Trend Micro Dashboard.  It appears to have been uninstalled and we can remove the traces of it unless you are still using it.


EDIT:  I forgot for a moment you turned System Restore off,  but I would like to start with a clean point after deleting the malware backups none the less.
« Last Edit: July 10, 2007, 05:46:15 AM by mauserme »
"If at first you don't succeed keep on sucking 'till you do succeed" - Curley Howard in Movie Maniacs (1935)

Offline AR1

  • Newbie
  • *
  • Posts: 7
Re: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!
« Reply #18 on: July 12, 2007, 11:18:05 PM »
Hi there,

Well, I've tried to send the viruses off, but the Combofix files that I compressed were blocked by the Hotmail scanner and the Avast chest will only send via a std. email service (Outlook, etc.), while I use Hotmail.

If there are any ideas on how to send them off, they'ld be well appreciated.

When (or if) I send them off, how should I 'get rid' of them, or should I just leave them there?

With regard to the Trend Dashboard; how can I remove it?

Also the rest of the issues you stated, I'ld like to try and deal with them.

Many thanks,
AR1

Offline mauserme

  • Massive Poster
  • ****
  • Posts: 2475
Re: Avast! 4 Home/ ashAvast.exe file invisible, Avast will not run HELP!
« Reply #19 on: July 13, 2007, 06:11:34 AM »
Just to double check before we remove the tools please upload this file to Virus Total and post the anaysis

C:\WINDOWS\system32\winzvprt5.sys
"If at first you don't succeed keep on sucking 'till you do succeed" - Curley Howard in Movie Maniacs (1935)