Avast 4.8 - trojan detected

Jul 11, 2008 11:14PM PDT

While updating Avast 4.8 this morning up pops this box saying a trojan has been detected; recommendations are to move the item to the chest, which I did. Now to simply remove it I do what? Click on the item listed in the chest and hit "delete"? This is the first trojan detected by Avast 4.8 since I installed it onto my computer a few months ago.

Steve, I would leave it in the chest
Jul 11, 2008 11:40PM PDT

for a few days to make sure it is not a false positive. If you could tell us the name of the trojan and exactly what avast told you as to which file it claims is the trojan, we can check to see if it is a false positive or not.

Re: Steve, I would leave it in the chest
Jul 11, 2008 11:49PM PDT

I'll get back with you on that soon.

Re: Steve, I would leave it in the chest
Jul 12, 2008 3:24PM PDT

Details of the item stored in the chest in Avast:

Original file name: PROCESSLIST.BIN
Original folder: C:\Documents and Settings\My Name\Application Data\SuperAntiSpyware.com\SuperAntiSpyware
Size of file: 4030397
Virus description: Win32:Delf-KNW[Trj]
File ID: 22

Steve, they released a second
Jul 12, 2008 7:56PM PDT

update last night to fix some false positives. Make sure you get the latest update and restore the file and scan again and see if it is still being flagged. That looks like a false positive to me.


Here is the update history page with everything that was added so you can see for yourself. Look at yesterday's second update below on that page.

Update avast! 4.x VPS (released:12.7.2008, version: 080712-1)

# 12.7.2008 - 80712-1

This VPS update contains only fixes to existing definitions or removal of false alarms.
http://www.avast.com/eng/vps_history.html

There has also been another released since then.
Update avast! 4.x VPS (released:13.7.2008, version: 080713-0)

Avast
Jul 12, 2008 12:02AM PDT

Now to simply remove it I do what? Click on the item listed in the chest and hit "delete"?
---------
Yes or at least that's what the help files say.
Does that work?.....unknown...never had anything get put into the chest.

Suggestion.
Let the file sit in the chest for a week or so.
See if the machine crabs about the file being missing.
After a few more updates rescan the file.....might be a FP.

Problem with Avast
Oct 19, 2008 5:30AM PDT

I am having the same problem right now but the thing is that I had just updated my avast last night and it has been getting worse and I am not sure on what I should do....I think that when the message came up to either delete the virus or put it into the chest someone clicked on the chest....The virus popped up before I had updated my Avast and well I am not sure on what I should do....My computer seems like it is going to crash....Internet Explorer has been messing up and also my messenger....If you can get back to me if you have any suggestion on what I should do that would be great thanks

"the same problem"
Oct 19, 2008 5:35AM PDT

You mean you put the Processlist.bin file (part of SuperAntiSpyware) in the chest? Then leave it there and reinstall SuperAntiSpyware, because probably it won't run without this file. If it's tagged again as a virus or trojan, neglect the warning! It's a false positive then.

If it's something else, can you give a better description of your problem? All we know now:
- it's getting worse
- it seems like it is going to crash [how does that look?]
- IE has been messing up
- messenger has been messing up
That's not much to help.

Kees

more information
Oct 19, 2008 5:42AM PDT

Sorry I have the anti-virus scanning again to see if it is going to tell me that it is still a virus....My messenger is deleting people off my list and sometimes not even letting me log on....My Internet Explorer keeps on telling me that the page can not be displayed or if I am on facebook or something that you have to log into it keeps telling me that I am not logged on even if I had just logged on...Some of the programs that came with my pc are not working anymore they will not even open....I will let you know what the virus is and the file and stuff soon thanks

This is what Avast is telling me
Oct 19, 2008 7:48AM PDT

Win32:Mapler-I [Trj]
Win32:Mapler-I [Trj]
Win32:Root-gen [Rtk]
Win32:Trojan-gen {Other}


I am not sure if this will help any

add to my last one
Oct 19, 2008 7:52AM PDT

Sorry it is not saying that it is a virus it is saying that it is infected...I am confused on what to do....I scanned each of them and there is no virus found should I just restore them?

IF NOT a False Positive....
Oct 19, 2008 3:51PM PDT

then it's indicating you have a couple of trojans & a Root Kit on-board.
Super Anti-Spyware should be able to find & remove these. Likely it will put them in quarantine (where they're harmless) for safe storage 'til you decide to empty/delete them. The reason for this is IF they turn out to be F.P.'s, you can then restore the quarantined files back where they belong. This is ALWAYS a good idea (safe storage) to have as default behavior. It IS possible, if SAS already removed & stored them, Avast might find them there and report same to you. Avast probably can't remove them from SAS storage, only SAS can.

You can also get a Free Root Kit Remover from F-Secure called "Blacklight" in its free-standing form. Beta but never misbehaved for me in years of different Beta versions: http://www.f-secure.com/blacklight/


Particularly because of the root kit, you might prefer to re-boot into Safe Mode and then run SAS from there. How to boot to S.M.:
http://www.pchell.com/support/safemode.shtml
Hope this helps.