Avast WEBforum

Other => Viruses and worms => Topic started by: Timea2 on June 19, 2019, 09:28:21 PM

Title: Logs following recovery
Post by: Timea2 on June 19, 2019, 09:28:21 PM: As explained in the article about cleaning malware, I have run tests after recovering my pc from an infection. MWB turned up a trojan dropper in a WinRar install file that had been on my computer for ages, with no previous finds. I have removed it. What further actions are needed? Thank you in advance.

Ps. aswMBR caused a BSOD and gave me nothing. TDSSKiller found nothing.
Title: Re: Logs following recovery
Post by: Pondus on June 19, 2019, 10:14:03 PM: Quote
MWB turned up a trojan dropper in a WinRar install file that had been on my computer for ages, with no previous finds.
Did you consider it was a false positive?
you can upload and test file here www.virustotal.com
you may post link to scan result here

Malware expert is notified. It may take hours before he is online

Quote
Ps. aswMBR caused a BSOD and gave me nothing.
I dont think aswMBR support Windows10
Title: Re: Logs following recovery
Post by: Timea2 on June 19, 2019, 10:31:01 PM: Thank you. The incompatibility explains the crash. I don't have the file anymore and now MWB says there is nothing more. Can I trust that?

Quote from: Pondus on June 19, 2019, 10:14:03 PM
Quote
MWB turned up a trojan dropper in a WinRar install file that had been on my computer for ages, with no previous finds.
Did you consider it was a false positive?
you can upload and test file here www.virustotal.com
you may post link to scan result here

Malware expert is notified. It may take hours before he is online

Quote
Ps. aswMBR caused a BSOD and gave me nothing.
I dont think aswMBR support Windows10
Title: Re: Logs following recovery
Post by: Pondus on June 19, 2019, 10:38:52 PM: Quote
I don't have the file anymore and now MWB says there is nothing more.
Is file in malwarebytes quarantine?
If so you can restore and upload it to virustotal.com

Quote
Can I trust that?
In general yes, but nothing is 100%
Title: Re: Logs following recovery
Post by: Timea2 on June 19, 2019, 10:42:27 PM: No, deleted from there as well.

Quote from: Pondus on June 19, 2019, 10:38:52 PM
Quote
I don't have the file anymore and now MWB says there is nothing more.
Is file in malwarebytes quarantine?
If so you can restore and upload it to virustotal.com
Title: Re: Logs following recovery
Post by: Pondus on June 19, 2019, 10:50:59 PM: Quarantine give you the option to restore wrongly detected files

There is no rush to delete from quarantine, i usually let it stay there for a couple of weeks before i do

Quarantine, Delete, or Clean: Which Is Best for a Virus?
https://www.lifewire.com/clean-quarantine-or-delete-3972276
Title: Re: Logs following recovery
Post by: Timea2 on June 19, 2019, 11:05:53 PM: Good to know, thanks. It did give me the option, btw.

Quote from: Pondus on June 19, 2019, 10:50:59 PM
Quarantine give you the option to restore wrongly detected files

There is no rush to delete from quarantine, i usually let it stay there for a couple of weeks before i do

Quarantine, Delete, or Clean: Which Is Best for a Virus?
https://www.lifewire.com/clean-quarantine-or-delete-3972276
Title: Re: Logs following recovery
Post by: Sass Drake on June 22, 2019, 10:50:52 AM: FRST logs are clean so it was probably false positive.