I am getting a virus alert from Avast saying "A Trojan Horse Was Found" whenever I try to open a webpage

Posted on 2008-10-23
Last Modified: 2013-12-09
I am getting the below attached alert message whenever I am trying to open a new webpage. For very few sites, for example, expert-exchange, I am not getting any alert. But for most of them (including some common websites like Yahoo and Rediff) I am getting this alert. I am using Windows XP, IE6 and Avast Free Home Edition. When my Internet connection is off I do not get any such alert. My computer is "not" running slow.

I would appreciate if anyone can inform me why this is happening and how to fix this problem. I am ready to provide further information if needed.

Question by:sstampf
  • 2
  • 2
  • 2

Accepted Solution

Bradley Haynes earned 250 total points
ID: 22789974
Download and run Malwarebytes'.

Also from the 'RUN' textbox input "%temp%"  which will open your Temp directory. Once that is open delete all that is in there. A couple of files will not allow deletion because they are being used by another process or app. That is OK.
After that has been done your PC will run faster and possible BHO's will be gone. You may download HijackThis; 
Run it and post the results here if you don't understand the log info.
Usually all the BHO (browser helper objects) can and should be deleted.
LVL 47

Assisted Solution

rpggamergirl earned 250 total points
ID: 22790407
If problem persists, use Smitfraudfix or FixIEDef.

1.  Please download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)

2.  Download FixIEDef by ShadowPuterDude to the Desktop.

You need to first Disable real-time protections that can interfer with FixIEDef:
Windows Defender, SUPERAntsipyware, Spybot's Tea Timer, etc.

Double-click FixIEDef
Click 'OK'
Click 'Scan'
Click 'OK' FixIEDef requires Adminstrator Privileges to run correctly. This box tells you that FixIEDef successfully elevated it's privileges to that of Administrator.
Wait for the scan to finish. It won't take very long.

WARNING: FixIEDef will kill all copies of Internet Explorer and Explorer that are running, during removal of malicious files. The icons and Start Menu on your Desktop will not be visible while FixIEDef is removing malicious files. This is necessary to remove parts of the infection that would otherwise not be removed.

Expert Comment

by:Bradley Haynes
ID: 22790479
So we meet again!!!   ;-) rpggamergirl

How ya doing?
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

LVL 12

Author Comment

ID: 22795204
I have heard that its not good running two antivirus programs simultaneously on a computer. There can be some confliction. Does the same hold true for Antispywares also? Should I uninstall my Avast first before installing FixIEDef or Malwarebytes (because Avast also has some Malware detection features)? Is it safe to delete files from the "%temp%" folder? I saw some MS Office (and also some other software's) log files there. Also, I haven't used HijackThis before (but have heard a lot about it). I have heard that a novice user should avoid using HijackThis.....
Please advice.
LVL 47

Assisted Solution

rpggamergirl earned 250 total points
ID: 22805829
Hi there b_haynes!  nice to see you, :)

That's right, it is never good to have 2 antivirus running in the system, it can only cause lockups and inefficiency to protect the system, not to mention it's a waste of resources.
Similar also applies with anti-spyware, it is not a good idea to have 2 anti-spyware running with both having a real-time protection.
But it is okay to have 2 anti-spyware installed( I have both Spybot and SUPERAntispyware and also MBAM at some stage) but only one should have a real-time protection, the other one can be used as an on-demand scanner which works extremely well with SUPERAntispyware as updates are free.

And if you ask whether having 2 antivirus with only one having a real-time protection okay?
No, that is still not good, an online scan is the better way of checking what your resident antivirus may have missed than installing a second antivirus.

>>>Should I uninstall my Avast first before installing FixIEDef or Malwarebytes (because Avast also has some Malware detection features)? Is it safe to delete files from the "%temp%" folder?< <<
No you don't need to uninstall Avast to run FixIEDef or MBAM, you just need to disable it while running the scan.
Yes, it is safe to delete files inside the temp folders, it's advisable to clean out all your temp folders now and then.
The only time that you shouldn't delete files in the temp folders is when you just installed a program/or updates and you have not rebooted yet. But after you've rebooted it should be okay. Some tools/scanners also needs files from the temp folders while scanning but after you've done with the tool it is then safe to delete any files there.

>>> I have heard that a novice user should avoid using HijackThis.....<<<
Yes, a novice should be careful what entries to fix in Hijackthis as fixing a crucial entries that the system need could cause system instability or applications to stop running. But some entries in hijackthis are not so crucial e.g. R's, 09, 016 entries which can be safely fixed. You can also safely fixed an 04 lines if you want to stop certain programs from running at bootup, fixing their entries only disable them, it doesn't affect that particular program when you need to run it.

Here's a good Hijackthis tutorial if you like to check out.

LVL 12

Author Closing Comment

ID: 31509386
Solution by b_haynes was sufficient to heal my computer, but comments by rpggamergirl immensly helped me improve my knowledge on spywares. Thanks both of you.

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I previously wrote an article addressing the use of UBCD4WIN and SARDU. All are great, but I have always been an advocate of SARDU. Recently it was suggested that I go back and take a look at Easy2Boot in comparison.
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question