Why do you think it is suspect ?
What avast! version and VPS file (virus database) number, e.g. 0436-4 (see about avast!) ?
Did avast detect it as a virus, etc.
Where was it found example (C:\windows\system32\infected-file-name.xxx)?
Have you added it to the chest ?
if so that is a protected area and nothing other than avast can work inside it. You can sent it directly from the chest to avast. Right click on the file and select 'email to Alwil Software. '
I already posted in this forum asking for some help sometime ago.
This is the post:
http://forum.avast.com/index.php?topic=19842.msg166671#msg166671After some time doing on-line scans and safe mode scans without getting anything I thought about checking my firewall (Zone Alarm Free) logs and see if there was something suspicious there. Well.......here is my story:
I have an account on livejournal.com Some time ago I downloaded a little application to count how many comments I made and got on my blog. This little software asked for my username and password and I gave it thinking it was safe. I even let it pass the firewall giving the allow instruction for it. ;_; After that I let it sit for ten days on my pC without noticing anything stange.
Then I discovered that that strange user-agent appeared 5 seconds after Zone Alarm registered that software passing the firewall and connecting on the net. The only thing is that that very same day I installed the NET Framework of windows. I asked on another forum if a spyware can stay idle in a software until something like those libraries are installed on the pc. And it seem it's possible. I formatted my pc and now I'm using another one. But since this one will be formatted soon I decided to download again this software, zip it and send it to the avast team. I was sure I had a virus on the other machine. All the applications started opening by themselves, all the windows were being moved around on my desktop (for example the Avast windows first eppeared on the center of the creen and after closing it and opening it again it was moved all to the left) and the icons on my task bar started disappearing and showing up again after a serie of reboots. I was very frustrated since no antivirus software nor Spybot, MS Antispyware and Ewido detected anything. That's why i wanted to send it. If there is a malicious thing in that software that can be unleashed only after installing the NET framework I'd like to know it. Thanks!
[edit] I have the latest version of Avast and the latest version of the virus definition. I've installed that software without the NET Framework and done a safe boot scan. Nothing so far. Tomorrow i'll try installing the NET Framework and I'll see what will happen.
[edit2] this thing is a spyware!!!! Or at least it can be detected as a user-agent. I created a new account on livejournal and use that thing twice. Guess what? That user-agent showed up again. But this time I'm sure I used it. The thing that irks me is that back then it started itself without me knowing. Since I'd like to explain to the Avast team what happened I'd like to send an e-mail with the zip file and an explanation. Thanks!!!
