Author Topic: avast! does not detect Gen:variant.kazy.132874  (Read 3179 times)

JASAmigan
« on: January 07, 2013, 06:04:31 AM »
I have avast! Internet Security v.7.0.1474, but I sometimes use other online scanners to check for viruses or malware that avast! might miss.

Today I used BitDefender's QuickScan, which told me that my PC is infected with Gen:Variant.Kazy.132874. Prior scans by Malwarebytes did not detect it, nor did Trend Micro's Housecall, and it has apparently been overlooked by avast! as well. If it is indeed a virus or trojan or worm, I may have had it unknowingly for some time.

What do I do? Is it a legitimate virus or malware of some kind, and if so, how do I get rid of it?

JuninhoSlo
« Reply #1 on: January 07, 2013, 06:26:53 AM »
Did you get any log file after BitDefender finished scanning? Send the "infected" file to VirusTotal and post the results.

Asyn
« Reply #2 on: January 07, 2013, 06:35:04 AM »
Quote
Send the "infected" file to VirusTotal and post the results.

+1 Could also be a BD FP.
XP SP3 - avast! 9.0.2018 - CIS 3.14 [FW/D+] - MBAM 1.75 [On Demand] - Firefox ESR 24.4 [NS/ABP/EHH/BP] - Thunderbird 24.4 [EM/CH]
German-language section -> avast! Wissenswertes (downloads, guides and info): http://forum.avast.com/index.php?topic=60523.0

True Indian
« Reply #3 on: January 07, 2013, 07:36:48 AM »
Follow this guide: http://forum.avast.com/index.php?topic=53253.0

Attach all logs here...

Remember: there is no perfect antivirus... all antiviruses will miss something.
« Last Edit: January 07, 2013, 08:22:37 AM by true indian »

Asyn
« Reply #4 on: January 07, 2013, 07:44:01 AM »
See if MBAM finds anything there...

Prior scans by Malwarebytes did not detect it...

JASAmigan
« Reply #5 on: January 07, 2013, 01:23:18 PM »
Quote
Did you get any log file after BitDefender finished scanning? Send the "infected" file to VirusTotal and post the results.

No log file; nothing but the screenshot I attached. I actually thought it might be a FP, or even that I had visited a hijacked URL, but one can't be too careful. None of the following site checkers - Norton Safe Site Checker, McAfee Site Advisor, and Trend Micro Site Safety Center - report any problems with the link.

Pondus
« Reply #6 on: January 07, 2013, 01:56:24 PM »
Does Bitdefender say what file is detected? Can't see it on the attached pic.
If so, upload it to virustotal.com and test with 40+ malware scanners...
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


JASAmigan
« Reply #7 on: January 07, 2013, 02:09:54 PM »
Quote
Does Bitdefender say what file is detected? Can't see it on the attached pic.
If so, upload it to virustotal.com and test with 40+ malware scanners...

No. As I mentioned in the post immediately prior to yours, I got no log file; nothing except the window that says "Your system is infected with Gen:Variant.Kazy.132874".

However, I just ran AdwCleaner and it said I have some stuff from Babylon Toolbar, so I'm now going to let it run its cleaning procedure, which I understand will involve a reboot.

Pondus
« Reply #8 on: January 07, 2013, 02:13:47 PM »
Quote
However, I just ran AdwCleaner and it said I have some stuff from Babylon Toolbar, so I'm now going to let it run its cleaning procedure, which I understand will involve a reboot.
Yep... it removes most of the browser/toolbar crap.


JASAmigan
« Reply #9 on: January 07, 2013, 03:01:27 PM »
AdwCleaner apparently didn't find Gen:variant.kazy, but says it removed Babylon and a number of other things (partial list below):

***** [Services] *****
Found : Updater Service for StartNow Toolbar
***** [Files / Folders] *****
Folder Found : C:\Program Files (x86)\AGI
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Found : C:\ProgramData\AGI
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Tarma Installer
...

However, avast! told me that something tried to change my default Home Page, so I don't know if that was AdwCleaner or an effect of the stuff it was removing. I didn't allow the change.

Thanks for your help, guys. I would never have found AdwCleaner, but it's now part of my arsenal.

Pondus
« Reply #10 on: January 07, 2013, 03:14:38 PM »
Quote
AdwCleaner apparently didn't find Gen:variant.kazy
It is not a malware scanner... it just removes crap.
It does not have an update function, so you need to download the latest version when you need it.

If you are following the whole guide true indian gave you... then there are some more logs to attach... not copy and paste:

Malwarebytes
OTL
aswMBR



mag
« Reply #11 on: January 07, 2013, 07:44:15 PM »
I had a couple of similar Kazy alerts from BD yesterday.

(I was scanning my w7 installation from a dual booted linux distro with BD for unices).

Both the detections were within avast files (one in defs, one in an avast .dll  - can't remember which).

I suspected that avast maybe hadn't encrypted these defs for some reason, so BD found them (or maybe a BD FP).

Detection has gone today - so whatever it was someone has apparently fixed it.
« Last Edit: January 07, 2013, 07:55:40 PM by mag »

JASAmigan
« Reply #12 on: January 07, 2013, 10:07:44 PM »
OK! I also have BD in my dual booted Linux Ubuntu (I think it's Precise P because I wanted LTS). Maybe I will rescan with BD in Win7 tomorrow, and if I get a hit, I'll try a scan in Linux.

Thanks, Mag.

Rompin Raider
« Reply #13 on: January 07, 2013, 11:19:12 PM »
Great topic and info...thanks from an observer!
Win7x64 Avast IS 2014.9.0.2016/Chrome

mag
« Reply #14 on: January 08, 2013, 02:38:36 PM »
Pleased if I've been able to help.

You probably know this, but mount your Windows drive (as su/sudo) first in the same account from which you then run the BD scan - otherwise I've found BD is a bit variable in whether it will access it.

 
