Author Topic: Virus Attack or????  (Read 4588 times)

0 Members and 1 Guest are viewing this topic.

veegee

  • Guest
Virus Attack or????
« on: March 09, 2011, 11:35:59 PM »
Whatever happened here...did I have a virus attack or what??   Scary stuff!!
The other day I was viewing a video tutorial on Spybot on site (howcast.com).   A minute or so into it a  whole screen message appeared from the web page (5d7539.innersafe14.com) that AV has found suspect activity on your PC and will perform some actions on your PC with a list of 9 infections (hi-med- & critical).  A download box to save or open appeared & I became very suspicious!!  Tried to click out of it but it would not go so I used the back button and was back into the video.  A minute later Avast 6 alert came on and said it blocked infections.

That was such an unusual name for a website  -  was this Windows Firewall or Windows Defender or some sort of virus attack?

Avast File Shield logs  -  1 file deleted,successful  --   2 moved to chest, successful  
Avast Web Shield logs - 5 threats with option choices (repair,delete,send to chest, do nothing)
Both of the above log files were High risk.

I clicked on 'send to chest' from the drop down option list in Web Shield logs but nothing happens.   How can I move them there?

Are the threats in the Web Shield isolated so the computer is protected?  Would that be the sandbox?

Ran scans later:  Avast6, MBAM, SAS,Spybot and all OK.
Could someone please advise me on this?   Thanks in advance.

Windows 7 Home Premium, IE8, Windows Firewall, Windows Defender,Avast 6
« Last Edit: March 14, 2011, 03:55:20 AM by veegee »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37527
  • Not a avast user
Re: Virus Attack or????
« Reply #1 on: March 09, 2011, 11:50:29 PM »
Quote
Could someone please advise me on this?   Thanks in advance.
posting the logs would be a good start   ;)

veegee

  • Guest
Re: Virus Attack or????
« Reply #2 on: March 10, 2011, 02:26:09 AM »
Hi Pondus, I've been searching high and low and can't find out how to post those logs.
Could you please tell me how?

Anyway, there seems to be something amiss here.  I updated the program to Avast 6 free about a week ago but when I check in C:\programs, there is ony Avast 5 there.

Thanks

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37527
  • Not a avast user
Re: Virus Attack or????
« Reply #3 on: March 10, 2011, 02:34:39 AM »
Lower left corner > additional options > attach

veegee

  • Guest
Re: Virus Attack or????
« Reply #4 on: March 10, 2011, 03:36:15 AM »
Sorry Pondus, but I do not have anything that reads additional options & attach.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89006
  • No support PMs thanks
Re: Virus Attack or????
« Reply #5 on: March 10, 2011, 03:42:49 AM »
Sorry Pondus, but I do not have anything that reads additional options & attach.

When you Reply, e.g. make another post, there is an Additional Options link, which when clicked expands, see image (click to expand).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

veegee

  • Guest
Re: Virus Attack or????
« Reply #6 on: March 10, 2011, 07:35:23 AM »
Thank you for your help DavidR, sure made it clearer.

But I really don't know where to find these shield log files and would greatly appreciate your help with this.
                       
Thanks

Windows 7 home premium, avast6 free

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89006
  • No support PMs thanks
Re: Virus Attack or????
« Reply #7 on: March 10, 2011, 02:41:57 PM »
You're welcome.

Check the C:\ProgramData\AVAST Software\Avast\report folder and open them using notepad. The information is in chronological order, latest entries at the bottom. If you can find the relevant entries, you could just as easily copy and paste the various detection entries into your post and not have to attach the actual files.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

YoKenny

  • Guest
Re: Virus Attack or????
« Reply #8 on: March 10, 2011, 03:14:26 PM »

Windows 7 Home Premium, IE8, Windows Firewall, Windows Defender,Avast 6

So that you do not have to put this in your posts please go to PROFILE then Modify Profile then Forum Profile Information  then update your Signature: with information like my signature and DavidR's signature as this helps the helpers offer pertinent advice.

In Account Related Settings select Hide email address from public? to prevent scammers and spammers harvesting your gmail.com email address.

Note: After you hide your email address only you and the forum Moderators can see your email address.

veegee

  • Guest
Re: Virus Attack or????
« Reply #9 on: March 10, 2011, 07:52:08 PM »
Here are the log files:

File Shield Log File

01/03/2011 6:30:21 PM   C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll [L] Win32:Spyeye-BG [Trj] (0)
While moving file to chest, error occurred: The process cannot access the file because it is being used by another process
File was successfully deleted...

05/03/2011 5:31:38 PM   C:\Users\myname\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XLPZUILG\toughest-yoga-poses[1].html [L] HTML:Script-inf (0)
File was successfully moved to chest...

06/03/2011 9:18:35 PM   C:\Users\myname\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HGW9RCG0\setup[1].exe [L] Win32:Rootkit-gen [Rtk] (0)
File was successfully moved to chest...


Web Shield Log File

20/02/2011 2:33:31 PM   http://touristinfo-clinika.tk/scanner15/?afid=90|>{gzip} [L] JS:FakeAV-FQ [Trj] (0)

05/03/2011 5:31:38 PM   http://francisbrunotate.blogspot.com/2011/03/toughest-yoga-poses.html|>{gzip} [L] HTML:Script-inf (0)
05/03/2011 5:32:38 PM   http://francisbrunotate.blogspot.com/2011/03/toughest-yoga-poses.html|>{gzip} [L] HTML:Script-inf (0)


06/03/2011 9:08:23 PM   http://5d7539.innersafe14.com/setup.exe|>{gzip} [L] Win32:Rootkit-gen [Rtk] (0)
06/03/2011 9:16:42 PM   http://5d7539.innersafe14.com/setup.exe|>{gzip} [L] Win32:Rootkit-gen [Rtk] (0)
« Last Edit: March 10, 2011, 07:58:21 PM by veegee »