Avast WEBforum

Other => Viruses and worms => Topic started by: mamma-p on September 29, 2010, 08:55:05 PM

Title: Avast not detecting trojan win32.generic!BT
Post by: mamma-p on September 29, 2010, 08:55:05 PM

I have avast pro, which updates regularly, and also malwarebytes which I run weekly ( daily when running slow ). A few days ago my lappy started to run very slowly so I ran scans etc as usual but nothing was detected. Yesterday I downloaded and ran ad-aware which detected the trojan ( win32.generic!BT ). I quarantined it and things were much better. Today was slow  so ran ad=aware again and up popped the same trojan! The quarantine chest says there are 2 of the same trojan in there. Why would avast miss them? And malwarebytes too? Both are updated regularly and both missed these bugs.

I am confused, 2 trojans or the same one ( incidentally #1 detected on smart scan, #2 on full scan ). How many programmes are needed to keep a computer free of viruses etc?

Any advice would be very welcome.

Title: Re: Avast not detecting trojan win32.generic!BT
Post by: Pondus on September 29, 2010, 09:15:53 PM

What if the detections from Ad-Aware is False Positives   ???

upload the files to www.virustotal.com and test them with 43 malware scanners. When you have the result, copy the URL in the address bar and post it here

Title: Re: Avast not detecting trojan win32.generic!BT
Post by: Lisandro on September 29, 2010, 09:19:31 PM

I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! (http://www.freedrweb.com/cureit/) instead.
3. Use MBAM (http://malwarebytes.org/mbam.php) (or SUPERantispyware (http://www.superantispyware.com) or even Spyware Terminator (http://www.spywareterminator.com/)) to scan for spywares and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
4. Test your machine with anti-rootkit applications (http://www.antirootkit.com/software/index.htm). I suggest avast! antirootkit (http://files.avast.com/files/beta/aswar.exe) or Trend Micro RootkitBuster (http://www.trendmicro.com/download/rbuster.asp).
5. Make a HijackThis (http://www.bleepingcomputer.com/files/hijackthis.php) log to post here or this analysis site (http://www.hijackthis.de/#anl). Or even submit the RunScanner (http://www.runscanner.net/) log to to on-line analysis.
6. Clean your Hosts file (replacing it) with HostsMan (http://www.abelhadigital.com) tool.
7. Disable System Restore and then reenable it again.
8. Immunize your system with SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html).
9. Check if you have insecure applications with Secunia Software Inspector (http://secunia.com/software_inspector/).