Avast acting weird!!help..

this morning a friend of mine ask for help because he..just notice their antivirus w/c was Avast (home edition)..because they dont have internet connections,was acting weird :

il upload the pictures later Please check it out..

when he checked his Avast virus chest his some unused>nvidia files sumthing like that (3dvision.exe) were put to virus chest,theme generators and even some adobe reader components (.exe)...i scanned them one by one..and the result is --no virus-- then i tried to restore it,but it cant. .and when i open its folder directory.the avast will beep and beep..and will say "virus has been detected"..more than 30 times. .

What is wrong with this ??!

Download, install, update and run a full scan with Malwarebytes.

If nothing is found, you can uninstall Avast and replace it with comparable Microsoft Security Essentials, then Run a full scan with it.

gregrocker said:

Download, install, update and run a full scan with Malwarebytes.

If nothing is found, you can uninstall Avast and replace it with comparable Microsoft Security Essentials, then Run a full scan with it.

Click to expand...

but how can i restore the files back??it seems its not working..

You might want to look through this Avast tutorial about restoring files to make sure you're following the correct steps. In the search box type in restore files from virus chest.

https://support.avast.com/index.php

Now look at this photos!! im still going on about your suggestions :

you can see those are obviously not virus..or malware,trojan,worms etc. .i scanned them all one by one..

rigz said:

you can see those are obviously not virus..or malware,trojan,worms etc. .i scanned them all one by one..

Click to expand...

As gregrocker said earlier, I'd also suggest uninstalling Avast. Something might have corrupted the program. You could go into control panel > programs and features to uninstall but I prefer Revo Uninstaller. It does a better job of removing program leftovers. There are two versions of Revo - free and a 30 day trial. The free should work just fine.

Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems

Once Avast is uninstalled I'd follow with gregrocker's additional suggestions. Install Microsoft Security Essentials so there's a security suite on the machine. Download, install, update and run Malwarebytes full scan. If no malware is detected you could either keep MSE or uninstall and go back to Avast and see if it's working correctly.

Respectfully, I'd suggest you will be better off using Avast's own removal tool rather than any third party solution...

aswClear

OakenG said:

Respectfully, I'd suggest you will be better off using Avast's own removal tool rather than any third party solution...

aswClear

Click to expand...

--also contains directions to be executed in SafeMode.

or, for better exposure post "also" in the avast forums. The developers there would love to hear this one plus you can learn more "how to use avast". As for the files(encountered some nvidia/adobe files wanting to make a hook through .dll's --which seems to be corrupted), will be lost "if" you cannot recover it properly prior uninstall. A re-installation of the main nVidia driver package and the Adobe package looms.

Your screenshots are blank except the "German Sheperd Dog Licking Screen Cleaner.exe" which is clearly a Win32FileInfector there as detected by avast. Can also be an FP. So you better check it via VT/Jotti/Filterbit.

theme generators and even some adobe reader components (.exe)...i scanned them one by one..and the result is --no virus-- then i tried to restore it,but it cant. .and when i open its folder directory.the avast will beep and beep..and will say "virus has been detected"..more than 30 times. .

Click to expand...

Where is the scan result or image/screenshot that says, that the files are "clean" and "--no virus--" as you state? That "German Sheperd Dog Licking Screen Cleaner.exe" may be a variant of those 2007 dog-licking-screensaver with embedded trojan affecting display functions(may have very well corrupted the nVidia driver package and Adobe Flash). Kinda/seems like rootkit behavior there and Avast is trying to block it(having a hard time also it seems). MBAM scan will be nice(as gregrocker suggested).

You can send the samples(including the "German Sheperd Dog Licking Screen Cleaner.exe" ) to avast for verification and some copies to VirusTotal/Jotti/Filterbit.

By any chance did you happen to click "Add the file to the scan exclusion list" in the pop-up for the "--no virus--" files you stated?



It's on you what steps you will take. Goodluck.

owh! i forgot to post here that it was already solved. . i used malwarebytes to scan through my system and Avast boot scan my files were really affected and thank God i have a System image backup to restore my nvidia and adobe files..but not with the screen savers anymore because it was said it is suspected to contain virus.

rigz said:

owh! i forgot to post here that it was already solved. . i used malwarebytes to scan through my system and Avast boot scan my files were really affected and thank God i have a System image backup to restore my nvidia and adobe files..but not with the screen savers anymore because it was said it is suspected to contain virus.

Click to expand...

Glad to hear you got this sorted out. Yep, system images are handy things to have.

Help!! Virus experts!

woaw i dont know why i cant kill this malware inside my system! this thread was still a continuation of this post! and luckily it was not still mark as SOLVED even though ive stated it last time.. Can someone help me? i already used Malwarebytes updated and Avast deep boot scan-which i updated it already...and i though everything was fine because i doubled scanned it..but just this morning when i run a program in my drive D: the virus occured again! same virus "hijack registry editor,hijack taskmanager" and a winfile infector kackuka-i think?

Are you using the most recent version number of Malwarebytes? They recently released a new version.
If you can get into Task Manager try to kill the processes, if you are unable to, you might be able to find the evil critter inside your "programs" folder on your main drive, it should be labeled as it's real name or under a name you would think is harmless.