Avast Detected Trojan And Its Not Letting Me Open My IE Browser

Discussion in 'other anti-virus software' started by sooflymami, Dec 14, 2008.

Thread Status:
Not open for further replies.
  1. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    A while ago, I clicked on the IE icon on my desktop and went to check my messages on Myspace. And then all the sudden, Avast popped up on my screen saying that the virus has been detected and it was a Trojan one that said worm/malware I believe. I want to open my browser on IE again, but when I click on the IE icon on my desktop, it opens for like 1 second and then it disappears..I tried doing that many times and it did that. I also saw my bar (That bar place that has the Start button and the clock and all those icons) disappear as well few times after that. And When avast detected a trojan that said worm/malware, I clicked "Move To Chest Button". What should I do? I'm doing a boot scan right now.
     
    Last edited: Dec 14, 2008
  2. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Hello I'm on the phone with Soofly right now and the Avast Boot scan finished. Now its been 10 minutes and the screen is still black. We tried shutting down with the power button but the screen is still black and nothing comes up. The courser can still be seen but the screen is black and we can't click on anything or do anything. What is the problemo_O
     
  3. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
  4. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    I'm on my other computer right now since it's not letting me go on the other one and when I did the boot scan, nothing detected..but I did see a name of a certain file saying avast.boot something as a reported file. Other than that, no infections was found. What should I do? I still think it's some virus or spyware that's affecting my computer because after that trojan virus has been detected and moved it to the chest, it has been acting very strange and it wont let me go into the windows starting up thing..I don't even know why it's still acting strange even though it's in the chest now. Was I supposed to delete instead of move it to the chest? What can I do in order to fix this problem?
     
    Last edited: Dec 14, 2008
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    You can try this. http://freedrweb.com make a live CD rescue and burn the ISO,Follow instruction it may or may not help.
     
  6. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    Haven't tried that yet..would it let me update definitions on SuperAntiSpyware by going under Safe Mode and then scan with that program?
    And does anyone know if that certain virus thats inside the chest is causing these issues or if its something else?
     
    Last edited: Dec 15, 2008
  7. Pseudo

    Pseudo Registered Member

    Joined:
    May 4, 2008
    Posts:
    193
    Boot Windows into Safe Mode with networking if you wish to update any programs or access the Internet.
     
  8. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Soofly wants to know if the virus she moved to the chest could be causing the black screen.
     
  9. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Virus inside the chest causing the black screen? Absolutely not. Not in the sense she means, anyway.
    Once something is in the chest, it cannot run.

    That doesn't exclude the possibility of other malware being on the computer, though, run SAS or MBAM as suggested above (safe mode with networking.)

    Can you post the full path and name of the infected file, please, and also the name of it as it appears in the "infected files" section of the chest.

    Myspace is notorious for malware. A lot of the social networking sites are, unfortunately. I've had a look at your intro page, and (of course) can not get further than that, but there was no sign of malware on it. Just some pretty pictures, and a few gifs.
    Had you opened any of the messages when the warning first popped up? Logged in? Just where were you up to?
     
  10. GideonD

    GideonD Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    150
    I got a message this morning about ils.dll, which I think it netmeeting related, being a rootkit and after this Avast prompts for a boot scan. I ignored it for now and did not do the scan as I'm fairly certain this is a false positive. I submitted the file to Avast and I'll wait until the next update before I do a system scan.
     
  11. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Wasnt it some critical system file that got quarantined wich causeing the malfunction?
     
  12. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Did you already tried starting Internet Explorer without add-ons? To do that right click on the Internet Explorer(IE) icon click on no add-ons. It could be that Avast is denying that an iexplore.exe to run an add-on and that could be the reason why Internet Explorer will not load.

    Did you already removed the installation disk of Avast or the bootable disk that you created to scan? See if you now are able to boot. Try this also keep pressing the left shift button after you saw the BIOS screen this will only load necessary drivers.

    The behavior of the disappearing taskbar is related to explorer.exe. Does it happen very frequently? If so you can try this.

    What file was being quarantined? It might be a critical windows file or file that is needed so that IE can work without problems.
     
  13. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    I received the same message after start this morning (about 15min ago.)
    Have located the file in two places; system 32 and i386 service packs.
    Also pretty sure this is a FP.
    Possibly related to the OP.
    Sooflymami
    run a search for "ils.dll" (no quotes) and let us know if this file is present in your system 32.
     
  14. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Big thread running about ils.dll here.
     
  15. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    We can't get into safe mode either. The black screen stops us yet again. :(
     
  16. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Have a look at this.
    If you're fortunate, it's cause (1).
    (Hope you have install media - ie: a Windows disk - if it's cause 2.)
    Given the number of issues she has had with this computer posted about at Wilders, with several of them seeming to be unresolved (or at least, not posted as resolved, the threads just seem to peter out...) it may be time to look at a format and re-install. (You'd loose everything, except Windows, of course. Passwords, ISP configuration, programs etc., basically, anything that isn't part of Windows.)
    If you were to select this course of action, it would be worth trying to boot off the Windows disk first, and if the thing works, immediately backup all valuable files,favorites, and write down any passwords used for forums, Myspace etc. You can Google for tutorials on re-formatting.
    (A repair install of Windows might work.)

    Then it would be beneficial to have stuff you want to load on the fresh install on a flash drive. Like the AV install file, and SP3, which, despite your reservations, I've had no issues with, and it would save you maybe half an hour or more of Windows updates. (One of the updates offered will be SP3 anyway.)
     
  17. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    I'll burn her the Dr Web CD and boot off of that. :) I hope that helps.
     
  18. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    I really think the problem is (at least partly) that a required Windows file (or more than one) has been removed or quarantined. It could be malware, but there are a lot of FP's reported at the Avast forum in the last day or so. If she has quarantined system files, and you can get into the chest using the DrWeb CD (sorry, I don't know what this does - never had to use one) you might be able to restore the files and get things working.
     
  19. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    Yes, I was already logged in when it said virus has been detected. I opened messages from my friends and then after I opened one of my friends messages, thats when it said "virus has been detected"...it didn't have any links when I opened the messages though. I'm thinking maybe it was Myspace Advertisements loaded a virus on my computer. And I meant if that same virus that I moved it to the chest was causing my computer to not take me to the windows start up screen and other strange stuff that's been doing since I got a virus.
     
  20. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Sooflymami, how long had the computer been running when you got the detection message, and do you remember the name of the file or virus it reported? And which Avast module reported it?
    (Always a good idea to jot those down. Makes troubleshooting easier.)
    Maybe the message contained an infection. Or maybe, if it was not long ofter the computer start, the avast antirootkit detected something incorrectly. If you look at the avast forum, you'll see there have been a large nr. of FP's with that over the past day.
     
  21. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    We don't know what shield detected it unfortunately.
     
  22. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    And how long had since startup when the warning came up?
    And do you remember anything about the name of the infection?
    If you don't know the answers to any questions anybody asks, just say so.
    (Don't make me keep posting the questions.)

    Any luck with the Avira disk? Tried that yet?
    Got a Windows CD?
     
  23. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Did you already tried what I suggested? Because you didn't answered if it worked or not. My second reply should apply to try to get past the black screen. Do you see anything on the screen? Did you checked that all the cables are still connected into the monitor?
     
  24. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I am also curious to the conclusion of this thread.
     
  25. sooflymami

    sooflymami Registered Member

    Joined:
    Feb 21, 2008
    Posts:
    361
    like 10mins. i think because i turned on my computer to check my messages and then that happened. and no i dont remember the name of the file..all i know is it said trojan worm/virus.
     
Loading...
Thread Status:
Not open for further replies.