Author Topic: Trojan.Mezzia inside avast!...?  (Read 11487 times)

0 Members and 1 Guest are viewing this topic.

Offline MeDIeVaL

  • Full Member
  • ***
  • Posts: 165
Re: Trojan.Mezzia inside avast!...?
« Reply #15 on: October 04, 2007, 03:57:42 AM »
MeDIeVaL, is this the same system that had the trojan downloader?
      http://forum.avast.com/index.php?topic=30525.msg253810#msg253810

I'm wondering if it compromised Avast and/or SAS. Did you verify the MD5 of %:\Program Files\Alwil Software\Avast4\AhResWS.dll to the one DavidR posted in reply #1? Mine has the correct MD5 and is clean as I stated.

(Edit: Added:) SAS started detecting the Avast file right after the downloader was detected.

Nope, not the same system. That's my friend pc actually (as I do a part time job repairing and upgrading pc). This prob just occur to my own pc, never had this prob before 25th Sep. I've submitted the sample to SAS hoping that they will give the positive feedback 'bout this. Actually, this prob has do no harm to my pc except I'm afraid if I accidently put the suspected file into quarantined or worst delete it. I'm in my office right now, I would cx the MD5 after I'm getting back from work.
HP Pavilion g4. Intel Core i5-2410M @ 2.3GHz. 4GB RAM. Win7 SP1 64bit. avast! Free 7.0.1456. COMODO Firewall

Offline MeDIeVaL

  • Full Member
  • ***
  • Posts: 165
Re: Trojan.Mezzia inside avast!...?
« Reply #16 on: October 04, 2007, 06:06:44 AM »
Here the MD5 for avast!

Additional information
File size: 53248 bytes
MD5: af4e5eb372f516ef061e65e8973b57b5
SHA1: 5cda88f692618d44aa238a4f673671ef28045510
HP Pavilion g4. Intel Core i5-2410M @ 2.3GHz. 4GB RAM. Win7 SP1 64bit. avast! Free 7.0.1456. COMODO Firewall

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84887
  • No support PMs thanks
Re: Trojan.Mezzia inside avast!...?
« Reply #17 on: October 04, 2007, 02:13:32 PM »
Which is the same as the one I posted.
Quote from: DavidR
The MD5 of C:\Program Files\Alwil Software\Avast4\AhResWS.dll is af4e5eb372f516ef061e65e8973b57b5

So your file is the same as mine and it hasn't been changed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Jahn

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #18 on: October 04, 2007, 11:15:07 PM »
Sounds like it's up to SAS now to offer an explanation.

Offline MeDIeVaL

  • Full Member
  • ***
  • Posts: 165
Re: Trojan.Mezzia inside avast!...?
« Reply #19 on: October 05, 2007, 10:44:43 PM »
Just finished full scanning my system with SAS. It seem the problem solved with SAS latest update... Don't have the false positive alarm detection anymore  :D
HP Pavilion g4. Intel Core i5-2410M @ 2.3GHz. 4GB RAM. Win7 SP1 64bit. avast! Free 7.0.1456. COMODO Firewall

Jahn

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #20 on: October 06, 2007, 12:26:14 AM »
Just finished full scanning my system with SAS. It seem the problem solved with SAS latest update... Don't have the false positive alarm detection anymore  :D
Glad you got it sorted, MeDIeVaL.

I'm still curious why SAS would detect the same file as positive on one system, but not on others. I saw on their forum they didn't give you an explanation (they usually don't), so I guess I'll never know. ???