Author Topic: Trojan.Mezzia inside avast!...?  (Read 12638 times)

0 Members and 1 Guest are viewing this topic.

MeDIeVaL

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #15 on: October 04, 2007, 03:57:42 AM »
MeDIeVaL, is this the same system that had the trojan downloader?
      http://forum.avast.com/index.php?topic=30525.msg253810#msg253810

I'm wondering if it compromised Avast and/or SAS. Did you verify the MD5 of %:\Program Files\Alwil Software\Avast4\AhResWS.dll to the one DavidR posted in reply #1? Mine has the correct MD5 and is clean as I stated.

(Edit: Added:) SAS started detecting the Avast file right after the downloader was detected.

Nope, not the same system. That's my friend pc actually (as I do a part time job repairing and upgrading pc). This prob just occur to my own pc, never had this prob before 25th Sep. I've submitted the sample to SAS hoping that they will give the positive feedback 'bout this. Actually, this prob has do no harm to my pc except I'm afraid if I accidently put the suspected file into quarantined or worst delete it. I'm in my office right now, I would cx the MD5 after I'm getting back from work.

MeDIeVaL

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #16 on: October 04, 2007, 06:06:44 AM »
Here the MD5 for avast!

Additional information
File size: 53248 bytes
MD5: af4e5eb372f516ef061e65e8973b57b5
SHA1: 5cda88f692618d44aa238a4f673671ef28045510

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Trojan.Mezzia inside avast!...?
« Reply #17 on: October 04, 2007, 02:13:32 PM »
Which is the same as the one I posted.
Quote from: DavidR
The MD5 of C:\Program Files\Alwil Software\Avast4\AhResWS.dll is af4e5eb372f516ef061e65e8973b57b5

So your file is the same as mine and it hasn't been changed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Jahn

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #18 on: October 04, 2007, 11:15:07 PM »
Sounds like it's up to SAS now to offer an explanation.

MeDIeVaL

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #19 on: October 05, 2007, 10:44:43 PM »
Just finished full scanning my system with SAS. It seem the problem solved with SAS latest update... Don't have the false positive alarm detection anymore  :D

Jahn

  • Guest
Re: Trojan.Mezzia inside avast!...?
« Reply #20 on: October 06, 2007, 12:26:14 AM »
Just finished full scanning my system with SAS. It seem the problem solved with SAS latest update... Don't have the false positive alarm detection anymore  :D
Glad you got it sorted, MeDIeVaL.

I'm still curious why SAS would detect the same file as positive on one system, but not on others. I saw on their forum they didn't give you an explanation (they usually don't), so I guess I'll never know. ???