Question:
Avast antivirus keeps saying it detected a virus?
2010-12-02 13:36:17 UTC
(This is the virus description) Win32:Oficla-BJ[Drp] the original file was c:/WINDOWS/Temp/nlna and then the other was (Description) Win32:Dropper-EKE{Drp] orig file c:/WINDOWS/Temp/oxix. I'm confused, and it keeps popping up, even after I do a scan of my computer. I dont know what to do, or how to stop it. Everytime I go to a regular website it pops up. Even when I'm not on a website it pops up.
Oh and I have Windows XP
Seven answers:
2010-12-02 14:24:47 UTC
Deleting it from %temp% folder won't help as I would say it will come back again.



I would follow MLM's answer first because what it's doing is copying it self somewhere else and then starting itself back up again after your computer reboots or it would be running and Avast can't remove it in normal mode so you have to go into SAFE MODE.



The other thing you can try if that doesn't work is to use Malwarebytes. What I've found is while antivirus software is good for viruses, it's not that great with spyware/malware.



Malwarebytes - https://store.malwarebytes.org/342/cookie?affiliate=9230&redirectto=http%3a%2f%2fwww.malwarebytes.org%2f&product=29945 - is the best anti-spyware/malware scanner/remover I know of. Download Malwarebytes FREE (as you only need it to scan and clean otherwise the PRO version has real time scan but it's a PAID version). You can download the free version here: https://store.malwarebytes.org/342/cookie?affiliate=9230&redirectto=http%3a%2f%2fwww.malwarebytes.org%2f&product=29945 . I have used Malwarebytes at various client sites in the past and it has always been good a picking up nasties and removing them that antivirus software such as Symantec, Trend and NOD32 was unable to do.



Here what I would recommend you should do:



1. Download Malwarebytes from here: https://store.malwarebytes.org/342/cookie?affiliate=9230&redirectto=http%3a%2f%2fwww.malwarebytes.org%2f&product=29945



2. Install Malwarebytes on your computer. Update it and RESTART your computer.



3. When your computer starts up, after the BIOS/logo screen, press [F8] and choose SAFE MODE (*very important!*). This will stop any nasties from starting up, then do a FULL SCAN from Malwarebytes and wait for it to finish.



4. Remove/delete all the nasties it has found then reboot your computer again in SAFE MODE.



5. Run FULL SCAN again from Malwarebytes again in case there are more that didn't show up the first time as generally deleting the first lot of nasties, it 'unhides' more nasties.





Now see how your computer behaves afterwards.



Let me know how you get on and whether this has fixed it
Kenyatta
2016-08-23 14:09:38 UTC
2
sharingan
2010-12-02 14:16:41 UTC
ok i dont know why it would ecactly say but i do know that avast virus could have detected security check it is a really dangerous virus it has been on tons of computers, i had to stay up untill 4 last night getting rid of it, it is high tech and something has to activate it well you get that virus detected message i wouldnt upgrade anything. Security check is a new virus i will block you from doing anything. the only way to get rid of it is if you have an older version of the internet explorer cause it wont recognize it as a threat but any newer internet explorer versions Security check will block it. if you get the error code (3191) RUN! it is horrible! NO security checks for time being. LIKE I SAID something has to activate it.there are 2 ways to get rid of it: either you pay 80 bucks and it will uninstall itself or you click restart and then hit crlt alt delete keys eight times as fast as you can you open task manager and anything you see with numbers still running end it. Watch out my ipod touch, ipad ,iphone and mac and labtop have all had it it goes threw email, online websites like runescape or clubpenguin any chat related messages it can activate itself. it can kill your computer mine yesterday i took out the battery and the screen was still on showing an error code!!!!!! the display wasnt gone. i thought i was toast but just follow the instructions you should get threw it. EVEN IF THIS IS NOT THE CASE still this virus can be attached anywhere. but if it is another virus then uninstall any newer programs. HOPE i gave you heads up!!!!!!!
MLM
2010-12-02 13:40:27 UTC
Chances are that it is copying itself everytime it is detected. Trying re-running AVAST while in Safe Mode. To get into Safe Mode, reboot and then either hold down or tap the F8 key repeatedly while the computer is starting up. After a few seconds you will see a menu to choose Safe Mode.

===============

Edit to reply to additional details



If the malware is still being detected after running your Avast & MBAM scans in Safe Mode, it is possible that the malware is being detected in your System Restore volumes. Many anti-virus products cannot remove viruses from system restore thus the reason for clearing out possible infected points. For reference to this, see the link below:



http://www.bleepingcomputer.com/tutorials/tutorial56.html#problems



There are several ways to disable system restore but the easiest is to go to Control Panel, System, System Restore tab and tick the box to "Turn off system restore on all drives", click Apply, click OK and reboot. Follow the same steps when you log back on to re-enable system restore by removing the tickmark.



Afterwards run Avast again to see if it everything is clean.
Erika
2016-10-01 06:23:21 UTC
The answer is for your query. The virus is living within the method repair. You have got to disable method repair on all drives,reboot into safemode then run a whole experiment and delete the malware (dont simply quarantine) Good success with that
lenzar86
2010-12-02 13:38:07 UTC
Navigate to C:\Windows\Temp yourself and delete everything in there. It's only temporary stuff so you shouldn't lose anything too important.
Cris
2010-12-02 13:38:04 UTC
start

run

%temp%

delete all of them


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...