2

During a quick search avast found and removed a virus on my PC (Win32:Ramnit-DO). After that it I updated the software (today an update came out) and it wanted to do a reboot to make a bootscan which I accepted.

The scan itself took almost 3h to complete. During this I saw the usual outputs (nothing that indicated a virus). But as I have not seen the whole output I tried to look for the logs and thus looked in the folder:

C:\ProgramData\AVAST Software\Persistent Data\Avast

And there under logs and under reports. Even though I saw logfiles there including aswBoot.txt under reports I did not find any CURRENT logfile. The only current ones being: AvastSvc.log, AvastUI.log and GrimeFighter.log (but nothing shows even the found virus during the quick search.....I only see it when I look into the virus container in the avast menu).

Now my question here is: IS that normal? Or is that something I should be cautious when it happens (aka a behaviour that could point to a virus infection that has affected avast itself already)? Or where do I find the log files I need (aka the bootfile logfiles)

As a note here: As the infected file was an old .dll from a bought program from 3 years back and no further infection was found I'm guessing that it was a wrong alarm from avast but one can't be cautious enough sadly.

Improve this question
4
  • which version of avast you are using? , In some version it should be in ‘Scan’ » ‘Scan history’.
    – BDRSuite
    Commented May 4, 2015 at 19:31
  • Do you mean the cost free, non cost free versions? (if so the cost free one) or what do you mean with versoin?
    – Thomas
    Commented May 4, 2015 at 21:28
  • Check C:\ProgramData\Avast Software\Avast\report\aswBoot.txt. Also show hidden files and extensions.
    – Ctrl-alt-dlt
    Commented May 6, 2015 at 9:51
  • I saw the file there (I always show hidden files and extensions, but the last change date and also the last date mentioned inseide the file was 1 year ago (and not as I had expected 3 mins earlier as the boot check was 3 mins earlier).
    – Thomas
    Commented May 6, 2015 at 12:45

1 Answer 1

Reset to default
0

I have seen such "wrong alarms" many times in Avast and Kaspersky after removing a virus.
Remove it manually from inside the program or clear all logs.
Sometimes they don't get removed, but in my case they disappear after some days.

Here are pathes of Avast log files and how to clear logs.
To recover after Win32/Ramnit malware follow these steps (provided by Microsoft).

Also check autoruns using Autoruns, and check extensions of your browser (in browser settings), because Ramnit steals bank user names and passwords and it can use extensions to achieve it.

Anyway, I would recommend you to scan computer using a good antivirus (such as Kaspersky IS, Norton Security etc, and not that free ones), even a trial version will do the work.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .