I just installed AVG 8 and it found 25439 adware including a trojan. What do i do with all of these things that it found. The virus vault got filled and i tried to empty it but i honestly dont know what im doing with this program!!! Please help me. :eek:

Are you sure they were not warnings DeeDee

HAve a look in the virus vault and tell me please

Are you sure they were not warnings DeeDee

HAve a look in the virus vault and tell me please

The virus vault has 1 trojan in it. its a music file. The rest are warnings. All adware. What do i do from here? I dont even know how to empty the virus vault on this and how do i get rid of all the adware?:confused:

Do you run spyware blaster ??

If it has quarentined all the spyblaster entries make sure you open up Spyware blaster and renable them

Do you run spyware blaster ??

If it has quarentined all the spyblaster entries make sure you open up Spyware blaster and renable them

I renabled all of the protection in spywareblaster. Now what do i do from here?

I would leave the files in quarantine


Can you run a Malwarebyres scan as well and post the log please

I just installed AVG 8 and it found 25439 adware

I would imagine that the majority of them, if not all, are just tracking cookies which are reported as adware and are in reality perfectly harmless and nothing to worry about.

I would leave the files in quarantine

Is that where all of those files are now-in quarentine cuz i tried to put them in the vault but the vault got full it said. I kinda panicked when i saw all of that because i run scans daily. :eek:


Can you run a Malwarebyres scan as well and post the log please

This is weird cuz i ran MB just 2 days ago and it found nothing when that trojan music file has been there for at least a month. I have lots of faith in MB but it didnt pick it up. I wonder why?:confused:

I am currently running MB now and will post a log if i can remember how to. It's been a long night Donna.:(

I would imagine that the majority of them, if not all, are just tracking cookies which are reported as adware and are in reality perfectly harmless and nothing to worry about.

Well thats a good piece of news. Thank you for explaining that. :)

The logs are saved in the log tab
CAn you post the name of the trojan AVG8 found please

The logs are saved in the log tab
CAn you post the name of the trojan AVG8 found please

trojan horse Generic_c.MJZ

MB is still running and showing nothing so far.

Heres the log from MB. It found nothing...

Malwarebytes' Anti-Malware 1.12
Database version: 788

Scan type: Full Scan (C:\|)
Objects scanned: 133429
Time elapsed: 35 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Well AVG has quarantined the file
So don't worry
I cant seem to find any information on that trojan at the min but will try

Well AVG has quarantined the file
So don't worry
I cant seem to find any information on that trojan at the min but will try

I have searched high and low for that Trojan and can't find anything on it either. Does that mean it may be a very new one?

This is one of the mot annoying things i have found
Each Antivirus company likes to give them a different name

I might have found it here (http://www.google.co.uk/search?hl=en&q=Generic.MJZ&btnG=Search&meta=)

W32/Bancodor.AR@bd
Aliases:BackDoor.Bancodor.2.J GRISoft AVG 7.5.516/1280 15-Feb-2008
Backdoor.Bancodor.pf Rising RavScan Win32-Console 20.0.0.0 14-Feb-2008
BDS/Bancodor.A.8 Avira AntiVir/Win32-Console Version 7.4.0.15 15-Feb-2008
BKDR_HOOKER.A Trend Micro VSCANTM 3.00-1009/107 15-Feb-2008
W32/Bancodor.S Norman NVCC 5.91.10 14-Feb-2008

This is one of the mot annoying things i have found
Each Antivirus company likes to give them different names

I might have found it here (http://www.google.co.uk/search?hl=en&q=Generic.MJZ&btnG=Search&meta=)

Donna am i clean now or do i have anything left to do?

Well Malewarebytes came up clean
AVG has quarentined it
You could run an online scan for your own piece of mind

http://www.eset.com/onlinescan/

I am limited in what help i can offer i am afraid as im still training

BM, I know that you are the malware expert here so if you consent, may I add my two cents. I think the real Trojan must be Trojan Generic_c.iky. Perhaps AVG might have renamed it to start it from triggering again. Please correct me if I am wrong. DeeDee, please ignore this post unless BM has given her views on the matter. :)

-- Goku

BM, I know that you are the malware expert here so if you consent, may I add my two cents. I think the real Trojan must be Trojan Generic_c.iky. Perhaps AVG might have renamed it to start it from triggering again. Please correct me if I am wrong. DeeDee, please ignore this post unless BM has given her views on the matter. :)

-- Goku

Goku i am far from an expert
Where did you get that name from please?:)

From here (http://www.xomba.com/trojan_horse_generic_c_iky). :)

I know you are training BM but you are still the better informed amongst us so you will know what to do. :)

-- Goku

And also from here (http://help.lockergnome.com/security/virus-vault-ftopict1030.html). I will wait till you consider the matter. :)

-- Goku

From here (http://www.xomba.com/trojan_horse_generic_c_iky). :)

I know you are training BM but you are still the better informed amongst us so you will know what to do. :)

-- Goku

Im curious Goku on how you came to think that is that trojan please :D

Enlighten me :)

Well, I read the two posts and thought that AVG might have renamed the *.iky to *.mjz. I searched Google and *.mjz doesn't looked like a file extension. So I thought, AVG renamed the original file after quarantining it so that it might not reactivate itself. I know I might be wrong and that is why I asked for your opinion first. Hope this satisfies your curiosity. :)

-- Goku

Well, I read the two posts and thought that AVG might have renamed the *.iky to *.jmz. I searched Google and *.jmz doesn't looked like a file extension. So I thought, AVG renamed the original file after quarantining it so that it might not reactivate itself. I know I might be wrong and that is why I asked for your opinion first. Hope this satisfies your curiosity. :)

-- Goku

I like the way you think Goku:D

However im not sure AVG renames trojans .. they just give them silly names


Where is Scotty when you need him :)

ESET found nothing as well. Thank you for your help. :)

You are very welcome

Is that where all of those files are now-in quarentine cuz i tried to put them in the vault but the vault got full it said. I kinda panicked when i saw all of that because i run scans daily. :eek:




This is weird cuz i ran MB just 2 days ago and it found nothing when that trojan music file has been there for at least a month. I have lots of faith in MB but it didnt pick it up. I wonder why?:confused:

I am currently running MB now and will post a log if i can remember how to. It's been a long night Donna.:(



You know it is stuff like this that keeps me with Sas. DeeDee why not download and install Sas and see if it finds the Trojan, I would, love to know.

You know it is stuff like this that keeps me with Sas. DeeDee why not download and install Sas and see if it finds the Trojan, I would, love to know.

We havent even found out that it is not a false positive yet Rich

Avg has quarantined it

I could find no reference to the exact trojan
The examples i posted was the nearest one i could find ....


Deedee if i were you i would restore it to the desktop and upload here

http://virusscan.jotti.org/

let the scanners scan it and then delete it

post back the results :D

You know it is stuff like this that keeps me with Sas. DeeDee why not download and install Sas and see if it finds the Trojan, I would, love to know.

Hi Mylanta. I do have SAS on my pc and i run it every couple of days and it didn't pick up a file that i know has been sitting in my computer for over a month. I'm not going to get involved in the paid or free version wars that go on here but I'm just stating a fact that MB,AVG 7.5 AND SAS did NOT catch this trojan if it isn't a false positive. :)

Just a thought Deedee
Was it a zipped file ??

Deedee if i were you i would restore it to the desktop and upload here

http://virusscan.jotti.org/

let the scanners scan it and then delete it

post back the results :D

Donna can you please tell me how to restore it to the desktop and the steps that you want me to take. Please also remember that this is not a war between who is right and who is wrong on the issues of paid and free versions of programs. This is my PC and lifeline to the world around me. :)

Just a thought Deedee
Was it a zipped file ??

Donna it is a wma music file that was downloaded by someone who decided to put a p2p on my computer without asking me and downloaded music. I know exactly when it happened. It's been on this PC for over a month now. :(

I know DeeDee
We do tend to get carried away and i will jump to the defence of freeprograms as Rch knows:D



Have a look in the virus vault and tell me what it says please

does it say where the file was

For example system32

I have no entries in my logs to compare :frown:

I know DeeDee
We do tend to get carried away and i will jump to the defence of freeprograms as Rch knows:D
You know i really need to rely on free programs and i do think that there are some real good ones out there but we don't have to make every thread about this issue. no offense to anyone. :D................:focus:



Have a look in the virus vault and tell me what it says please

does it say where the file was

For example system32

I have no entries in my logs to compare :frown:

C:\Documents and settings \diane\desktop\music\ then it gives the name of the song by Maroon 5

Well then thats the path
C:\Documents and settings \diane\desktop\music and the name of the file

If you restore it from quarantine and copy the full path to jottis

Try it please

"Scan ""Scheduled scan"" was finished."
"Infections found:";"1"
"Infected objects removed or healed";"1"
"Not removed or healed.";"0"
"Spyware found:";"0"
"Spyware removed:";"0"
"Not removed:";"0"
"Warnings count:";"0"
"Information count:";"0"
"Scan started:";"Monday, May 26, 2008, 8:00:01 AM"
"Total object scanned:";"994174"
"Time needed:";"1 hour(s) 44 minute(s) 11 second(s) "
"Errors encountered:";"0"

"Infections"
"File";"Infection";"Result"
"C:\Documents and Settings\diane\Desktop\music\Maroon 5 - It Wont Be Soon Before.wma";"Trojan horse Generic_c.MJZ";"Moved to Virus Vault"

You know i really need to rely on free programs and i do think that there are some real good ones out there but we don't have to make every thread about this issue. no offense to anyone. :D................:focus:



OK OK I am not downing all free programs either as there are a few I use all the time, just strictly in the area of antivirus and antispyware and one of my greatest concerns is one of today's biggest threats and that is spyware programs posing as free antivirus or antispyware programs such as Win Antivirus. I simply want everyone to be careful and not be totally into "the free lunch".now :focus: nuff said!

Hello BM
Copy and paste in Google search bar "Generic_c" w/o the qoutes and you could continue my search starting with page pg 31...:eek: This one Generic_c.MJZ could not be found up to page 30, but a lot of other ones were..:D

Back to topic..:)

Yes i agree
There are rogue programs out there

Well then thats the path
C:\Documents and settings \diane\desktop\music and the name of the file

If you restore it from quarantine and copy the full path to jottis

Try it please

Donna you have lost me on this request. I'm very sorry but can you please explain?

This has to be a false positive...I gave it a shot too unless Goku is right and Avg changed the file name for protection purposes but I have never heard of that possibility.

This has to be a false positive...I gave it a shot too unless Goku is right and Avg changed the file name for protection purposes but I have never heard of that possibility.

Anything is possible these days with these companies...:D

Donna you have lost me on this request. I'm very sorry but can you please explain?

DeeDee at this point i believe that Avg8 has done its job

Leave it in quarantine :)

DeeDee at this point i believe that Avg8 has done its job

Leave it in quarantine :)

I concur with you on that! :D

Tech Problem ***SOLVED***

The technical problem relating to this thread has been resolved!

Please refrain from any additional posting in this thread unless there is an UPDATE to the original problem or new and relevant information related to the topic.

Additional postings may be removed without notice.

Thank you!
KH Mod Squad