Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: JASAmigan on January 07, 2013, 08:04:31 AM

Title: avast! does not detect Gen:variant.kazy.132874
Post by: JASAmigan on January 07, 2013, 08:04:31 AM
I have avast! Internet Security v.7.0.1474, but I sometimes use other online scanners to check for viruses or malware that avast! might miss.

Today I used BitDefender's QuickScan, which told me that my PC is infected with Gen:Variant.Kazy.132874. Prior scans by Malwarebytes did not detect it, nor did Trend Micro's Housecall, and it has apparently been overlooked by avast! as well. If it is indeed a virus or trojan or worm, I may have had it unknowingly for some time.

What do I do? Is it a legitimate virus or malware of some kind, and if so, how do I get rid of it?
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: JuninhoSlo on January 07, 2013, 08:26:53 AM
Did you get any log file after BitDefender finished with scanning? Send "infected" file to Virustotal and post results.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Asyn on January 07, 2013, 08:35:04 AM
Send "infected" file to Virustotal and post results.

+1 Could also be a BD FP.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: true indian on January 07, 2013, 09:36:48 AM
Follow this guide: http://forum.avast.com/index.php?topic=53253.0

Attach all logs here...

Remember: There is no perfect antivirus..all Antiviruses will miss something.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Asyn on January 07, 2013, 09:44:01 AM
See If MBAM finds anything there..

Prior scans by Malwarebytes did not detect it...
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: JASAmigan on January 07, 2013, 03:23:18 PM
Did you get any log file after BitDefender finished with scanning? Send "infected" file to Virustotal and post results.

No log file; nothing but the screenshot I attached. I actually thought it might be a FP, or even that I had visited a hijacked url, but one can't be too careful. None of the following site checkers - Norton Safe Site Checker, McAfee Site Advisor, and Trend Micro Site Safety Center - report any problems with the link.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Pondus on January 07, 2013, 03:56:24 PM
does Bitdefender say what file is detected?....cant see on the attached pic
if so upload it to virustotal.com and test with 40+ malware scanners....
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: JASAmigan on January 07, 2013, 04:09:54 PM
does Bitdefender say what file is detected?....cant see on the attached pic
if so upload it to virustotal.com and test with 40+ malware scanners....

No. As I mentioned in the post immediately prior to yours, I got no log file; nothing except the window that says "Your system is infected with Gen:Variant.Kazy.132874".

However, I just ran AdwCleaner and it said I have some stuff from Babylon Toolbar, so I'm now going to let it run its cleaning procedure, which I understand will involve a reboot.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Pondus on January 07, 2013, 04:13:47 PM
Quote
However, I just ran AdwCleaner and it said I have some stuff from Babylon Toolbar, so I'm now going to let it run its cleaning procedure, which I understand will involve a reboot.
yepp....it removes most of the browser/toolbar crap
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: JASAmigan on January 07, 2013, 05:01:27 PM
Quote
However, I just ran AdwCleaner and it said I have some stuff from Babylon Toolbar, so I'm now going to let it run its cleaning procedure, which I understand will involve a reboot.
yepp....it removes most of the browser/toolbar crap

AdwCleaner apparently didn't find Gen:variant.kazy, but says it removed Babylon and a number of other things (partial list below):

***** [Services] *****
Found : Updater Service for StartNow Toolbar
***** [Files / Folders] *****
Folder Found : C:\Program Files (x86)\AGI
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Found : C:\ProgramData\AGI
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Tarma Installer
...

However, avast! told me that something tried to change my default Home Page, so I don't know if that was AdwCleaner or an effect of the stuff it was removing. I didn't allow the change.

Thanks for your help, guys. I would never have found AdwCleaner, but it's now part of my arsenal.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Pondus on January 07, 2013, 05:14:38 PM
Quote
AdwCleaner apparently didn't find Gen:variant.kazy
it is not a malware scanner......it just removes crap
it does not have a update function so you need to download latest version when you need it

if you are following the hole guide true indian gave you...then there are som more logs to attach...not copy and paste

Malwarebytes
OTL
aswMBR

Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: MAG on January 07, 2013, 09:44:15 PM
I had a couple of similar Kazy alerts from BD yesterday.

(I was scanning my w7 installation from a dual booted linux distro with BD for unices).

Both the detections were within avast files (one in defs, one in an avast .dll  - can't remember which).

I suspected that avast maybe hadn't encrypted these defs for some reason, so BD found them (or maybe a BD FP).

Detection has gone today - so whatever it was someone has apparently fixed it.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: JASAmigan on January 08, 2013, 12:07:44 AM
I had a couple of similar Kazy alerts from BD yesterday.

(I was scanning my w7 installation from a dual booted linux distro with BD for unices).

Both the detections were within avast files (one in defs, one in an avast .dll  - can't remember which).

I suspected that avast maybe hadn't encrypted these defs for some reason, so BD found them (or maybe a BD FP).

Detection has gone today - so whatever it was someone has apparently fixed it.

OK! I also have BD in my dual booted Linux Ubuntu (I think it's Precise P because I wanted LTS). Maybe I will rescan with BD in Win7 tomorrow, and if I get a hit, I'll try a scan in Linux.

Thanks, Mag.
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: Rompin Raider on January 08, 2013, 01:19:12 AM
Follow this guide: http://forum.avast.com/index.php?topic=53253.0

Attach all logs here...

Remember: There is no perfect antivirus..all Antiviruses will miss something.

Great topic and info...thanks from an observer!
Title: Re: avast! does not detect Gen:variant.kazy.132874
Post by: MAG on January 08, 2013, 04:38:36 PM
I had a couple of similar Kazy alerts from BD yesterday.

(I was scanning my w7 installation from a dual booted linux distro with BD for unices).

Both the detections were within avast files (one in defs, one in an avast .dll  - can't remember which).

I suspected that avast maybe hadn't encrypted these defs for some reason, so BD found them (or maybe a BD FP).

Detection has gone today - so whatever it was someone has apparently fixed it.

OK! I also have BD in my dual booted Linux Ubuntu (I think it's Precise P because I wanted LTS). Maybe I will rescan with BD in Win7 tomorrow, and if I get a hit, I'll try a scan in Linux.

Thanks, Mag.
Pleased if I've been able to help.

You probably know this, but mount your windows drive (as su/sudo) first in the same account from which you then run BD scan - otherwise I've found BD is a bit variable in whether it will access it.