Dear Avast Forum Users,
Today I too received the report of the MOTA113.exe infection and the SUPER infection as mentioned earlier in this thread. Did a boot time scan and the details are as follows:
02/22/2009 12:54
Scan of all local drives
File C:\Program Files\eRightSoft\SUPER\spk\Movawin.spk\[tElock]\[PECompact]\[Embedded_I#15e7bc]\[tElock] is infected by Win32:Trojan-gen {Other}
File C:\WINDOWS\MOTA113.exe\[tElock] is infected by Win32:Trojan-gen {Other}
I scanned my system with:
- Blacklight anti-rookit - no infections or other items found
- MBAM - no infections or other items found
- Spybot - no infections or other items found
- Rootalyzer - no infections or other items found
- ZA Anti-Spyware - no infections or other items found
- SuperantiSpyware - no infections or other items found
- Hijackthis Log submitted to
http://www.hijackthis.de/ - no items marked as dangerous
I believe these two items are false positives.
I managed to submit the SUPER file (Movawin.spk) to virustotal and jotti.org and only Avast and one other recognised an infection. Although it said the other virus scanner was only a heuristic detection.
I tried to submit the MOTA113.exe file to both but Avast went mental with the warning things and I clicked 'no action' which subsequently resulted in Avast preventing me from uploading them.
In an ironic way I am glad that others have got this message - as it strengthens the possibility that it will be a false positive. Purely for the reason that if everyone reports the same infection at the same time!!
Hope this will be a false positive and hope it will be corrected in the next VPS.
Avastfan1