also @ TechSpot: Intel Core i7-3820 Review: Sandy Bridge-E for the masses
Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Sign up or Login to participate.
Go Back   TechSpot OpenBoards > Tech Support > Virus and Malware Removal
Reload this Page Trojan Horse-Avast making it sound like WWIII

Collaborate in the cloud with Office, Exchange, SharePoint, and Lync

Trojan Horse-Avast making it sound like WWIII
Thread Tools Search this Thread
  #1  
Old 12-03-2009
TechSpot Member
  
Member since: Jun 2009, 73 posts
Trojan Horse-Avast making it sound like WWIII
Hi there, I don't understand how I get viruses. I have Comodo, Avast! MBAM, Super anti spyware and Spybot. However, I got a trojan according to Avast. It was in ,multiple places and I ran a scan with MBAM and Super, neither of which detected anything. Avast, however, had so many sirens and radioactive symbols it seemed that World War III had broken out on my computer. I think I got most of the virus, but i'm not sure. I attached the Hijack This log, more details to follow.
Attached Files
File Type: log hijackthis.log (10.0 KB, 5 views)
  #2  
Old 12-03-2009
Tmagic650's Avatar
TechSpot Ambassador
  
Location: "The Treasure State" USA
Member since: Aug 2006, 14,707 posts
System specs
What repair option did you choose in Avast each time Avast alerted?
  #3  
Old 12-03-2009
TechSpot Member
  
Member since: Jun 2009, 73 posts
Most of them I moved to the chest, but there were some that I deleted, because I kept getting alerts for the same file. Spybot was infected by the virus, and many of the files that avast! alerted me about were in S&D. I moved most to the chest, but deleted some because I kept getting alerts for the same file. Spybot seems to be deleted from my computer, it's very possible that I deleted a key component of S&D. I can always reinstall it though. The other infected programs were mostly in the System Restore Section, and in 2 video converters that I have. I moved most of those to the chest, but I remember deleting a few of the viruses in System Restore and one of the video COnverters.
  #4  
Old 12-03-2009
Bobbye's Avatar
Helper on the Fringe
  
Location: Florida
Member since: Mar 2007, 15,035 posts
See if this helps you:

From Avast:
Quote:
Virus Chest — Quarantine; folder where infected files can be stored. The virus chest also stores vital system files to protect them from damage by malware. Users can also add their own files to the virus chest. Once in the chest, a file cannot be executed; double-clicking the file will instead display information about the file.
From Avast:
Quote:
Win32elf-MZG false positive was fixed in the latest VPS - 091203-1
http://forum.avast.com/index.php?topic=51647

Quote:
At 5:50am GMT, another VPS update (091203-1) was released, fixing the issue (for both "Win32elf-MZG" and "Win32:Zbot-MKK").
Those who have not used their computers between 12:15am and 5:50am will most likely not be affected.
http://forum.avast.com/index.php?topic=51651.0
If you're still using the bad VPS (091203-0) we recommend to invoke a VPS update immediately.
You are going to need to spend some time on the Avast forum and support. None of the entries I checked from the Avast log were malware. False Positive information and link above.
Also on Avast:
Quote:
You will notice the avast chest is in three sections:
1. Infected Files, speaks for itself, any files detected by avast that you chose Move to Chest as the action.
2. System files, back-up copies of important system files. There are (generally) files in the System Folder of the Chest: command.com, kernel 32.dll and wsock32.dll. During the installation, avast! copies some critical system files into the Chest, under the "System files" category. Those files might cause the operating system to crash if they get infected by a virus. If needed, those files can be restored from the Chest to their original location. Should an unknown virus infect the computer despite the extensive protection from the avast! antivirus package and alter an important system file, it can then be easily restored to its original state.
3. User Files, an area for the user to import suspicious files that haven't been detected so they can do no harm and can be sent by email to Alwil for further analysis.
Files are safe into Chest, can't harm your computer.
What a crazy way to run an antivirus program! I couldn't ind anything on "Category 1"

I spent an hour this morning chasing this down for another member. If either of these is 'your' Trojan, it's a False Positive that was fixed today.
  #5  
Old 12-03-2009
TechSpot Member
  
Member since: Jun 2009, 73 posts
ok, the viruses detected were mostly Win32: Delf-MZG. I did some research and found that is was a bug filled update (grr...). So should I restore everything, and reinstall if I deleted any key components? Since it's not a virus, I will connect to the internet. Thanks a bunch.
  #6  
Old 12-03-2009
Bobbye's Avatar
Helper on the Fringe
  
Location: Florida
Member since: Mar 2007, 15,035 posts
You're welcome. I left the link so you could get instructions if you needed it. Lots of gripes about this problem today!
  #7  
Old 12-03-2009
Tmagic650's Avatar
TechSpot Ambassador
  
Location: "The Treasure State" USA
Member since: Aug 2006, 14,707 posts
System specs
Yes Bobbye,
its nice to see your backing off your "knowing it all" attitude. I've been getting some false positives from Avast lately too
Closed Thread

Similar Topics
Topic Replies Forum
Trojan Horse Downloader.purity scan + Trojan Horse Downloader.Generic2 23 Virus and Malware Removal
Help! I got the lo1 trojan horse! 3 Virus and Malware Removal
trojan horse lop.AS Trojan, Unable To Work Out. 9 Virus and Malware Removal
Trojan horse Lop.as lo1[1] 7 Virus and Malware Removal
TROJAN HORSE Lop.AS 13 Virus and Malware Removal

Thread Tools Search this Thread
Search this Thread:

Advanced Search
All times are GMT -4. The time now is 02:39 PM.