Re: [CGUYS] AVG Trojan Detected?

2008-02-06 Thread Richard P.
After looking into it, I see that AVG uses virus signatures as well as 
Heuristic Analysis. All definitions are up to date and have been updated 
daily and scans done daily since computer was new.


Richard P.

Mike Sloane wrote:
To my knowledge, Panda is heuristic, but AVG depends on daily 
downloads of specific virus signatures. If your AVG definitions are 
out of date, it will not detect a brand new offender, whereas Panda's 
design (claims to) detect viruses by their behavior.


Mike


This morning, AVG scan found what it says is a trojan horse 
downloader. When I asked for more details, it said it didn't exist in 
its database. I went ahead and healed it but wonder what it is and 
whether or not it is a false positive.







* == QUICK LIST-COMMAND REFERENCE - Put the following commands in  ==
* == the body of an email & send 'em to: [EMAIL PROTECTED] ==
* Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name
* Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST
* Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L
* New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress
* Need more help? Send mail to: [EMAIL PROTECTED]

* List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l
* List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/
* RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml
* Messages bearing the header X-No-Archive: yes will not be archived



Re: [CGUYS] AVG Trojan Detected?

2008-02-04 Thread Richard P.
In going back and checking the logs I saw that yesterday, AVG also found 
what it says was a Trojan horse in:
C:\Program Files\music_now\inetchk.exe and deleted it. I was able to 
search and see that MusicNow is part of AOL (I never installed AOL but 
is probably sitting on the computer as part of a preloaded program). If 
it has to do with AOL, it probably would be seen as a hazard but I'm 
just guessing.


I don't know how AVG does its detection process.

Richard P.



Does AVG detect viruses based on a heuristic model where it finds
virus-like behaviors? It may not know which virus it is, but it knows it is
acting like a virus.

I believe that NOD32 and Blink find things this way as well as by definitions.
wrote:
  

This morning, AVG scan found what it says is a trojan horse downloader.
When I asked for more details, it said it didn't exist in its database.
I went ahead and healed it but wonder what it is and whether or not it
is a false positive.

Details:
AVG Free Edition Resident Shield
Threat Detected!
While opening file:
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP47\A0014445.exe
Trojan horse Downloader.VB.AXO

It also found a change, file: shell32.dll in C:\WINDOWS\system32\shell32.dll

I haven't been able to find any real info on the trojan. Any input will
be greatly appreciated.

  







[CGUYS] AVG Trojan Detected?

2008-02-04 Thread Richard P.
This morning, AVG scan found what it says is a trojan horse downloader. 
When I asked for more details, it said it didn't exist in its database. 
I went ahead and healed it but wonder what it is and whether or not it 
is a false positive.


Details:
AVG Free Edition Resident Shield
Threat Detected!
While opening file:
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP47\A0014445.exe

Trojan horse Downloader.VB.AXO

It also found a change, file: shell32.dll in C:\WINDOWS\system32\shell32.dll

I haven't been able to find any real info on the trojan. Any input will 
be greatly appreciated.


Thanks in advance,

Richard P.






Re: [CGUYS] AVG Trojan Detected?

2008-02-04 Thread Mike Sloane
To my knowledge, Panda is heuristic, but AVG depends on daily downloads 
of specific virus signatures. If your AVG definitions are out of date, 
it will not detect a brand new offender, whereas Panda's design (claims 
to) detect viruses by their behavior.


Mike

Richard P. wrote:
This morning, AVG scan found what it says is a trojan horse downloader. 
When I asked for more details, it said it didn't exist in its database. 
I went ahead and healed it but wonder what it is and whether or not it 
is a false positive.







Re: [CGUYS] AVG Trojan Detected?

2008-02-04 Thread Tony B
Run all the free online virus checkers you can find.
http://www.google.com/search?source=ig&hl=en&rlz=&q=free+online+virus

Call me paranoid, but at least once I've just reinstalled Windows rather
than deal with possible trojans. I do a lot of important stuff from this
machine.


