Was the Virus Avast detected removed?

[Zyla]

This is the log file:

9/8/2008   11:16:21 PM   1220940981   SYSTEM   1876   Sign of "JS:Packed-D [trj]" has been found in "http://24aspx.com/cgi-bin/index.cgi?script" file. 

9/8/2008   11:16:37 PM   1220940997   SYSTEM   1876   Sign of "JS:Packed-D [trj]" has been found in "C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\Z3SBFCP8\index[1].htm" file. 



I tried to move it to chest but it said this file is being used by another program and cannot be moved.

So i closed Avast and deleted temporary internet files and cookies.

I then ran Avast as a boot time scan and it didnt find it. I also ran Adaware and it didnt find anything.


So is it safe to say its gone? Also any other virus/spyware removal programs i should use?

[Spiritsongs]

   Hi :

 For a "2nd Opinion" it would be best to use a program or 2 that "specializes"
 in combating "trojans", such as the FREE Version of "SUPERAntiSpyware" from
 www.superantispyware.com and possible the "Free" Version of "Malwarebytes'
 Anti-Malware", best downloaded from www.malwarebytes.org/mbam.php .

[wyrmrider]

most likely gone
spiritsongs suggests two good tools which are handy to keep on board

with MBAM
put a check next to any hits and then click REMOVE CHECKED
a backup will be made

with SuperAntiSpyware please quarantine do not remove/delete

let's hope they are clean
if not post the logs

what you did by deleting temp worked
however running the boot time scan first might have worked also and enabled moving to chest where we could take a look at them
hard to tell what it really was

 

[Lisandro]

Most probably you're clean. To be sure, I suggest:

1. Disable System Restore and then reenable it again.
2. Clean your temporary files (again).
3. Schedule a boot time scanning with avast with archive scanning turned on (again). If avast does not detect it, you can try DrWeb CureIT! instead.
4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
7. Immunize your system with SpywareBlaster or Windows Advanced Care.
8. Check if you have insecure applications with Secunia Software Inspector.

[Zyla]

The Trojan came from a website infected with the AspRox Botnet which does a random google search to find websites running ASP and SQL and infects the site with Spyware called AntivirXP08 which then redirects traffic to a site that uploads the AspRox Trojan

[wyrmrider]

Really good to know
Welcome to Avast Forums