Author Topic: Avast not detecting Trojan.Offiz. (FOLDER TYPE/NOT FILE TYPE!)  (Read 24397 times)


Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
    • The WAR Against Malware
Re: Avast not detecting Trojan.Offiz. (FOLDER TYPE/NOT FILE TYPE!)
« Reply #45 on: April 09, 2009, 11:17:59 PM »
UniBlue RegistryBooster found 490 registry problems!
HELP! IT ONLY CLEANED 15!!!
« Last Edit: April 09, 2009, 11:23:21 PM by Donovansrb10 »
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline !Donovan

« Reply #46 on: April 10, 2009, 12:58:01 AM »
Malwarebytes' Anti-Malware didn't detect the AgentDSS.

LOG:

Malwarebytes' Anti-Malware 1.36
Database version: 1959
Windows 5.1.2600 Service Pack 3

4/9/2009 6:57:12 PM
mbam-log-2009-04-09 (18-57-12).txt

Scan type: Quick Scan
Objects scanned: 162815
Time elapsed: 1 hour(s), 24 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline !Donovan

« Reply #47 on: April 10, 2009, 01:50:33 AM »
When I did a scan with Spybot S&D, it found 10 viruses. (I don't know where the log file is. I saved it to C:\Program Files\Spybot - S&D\)

Offline !Donovan

« Reply #48 on: April 10, 2009, 03:38:30 AM »
I deleted the BSSTORE Thing. How can the AGENTDSS still get through and I paid lots of money for that program and it was SPYWARE in the FIRST place!?!?!?!?!!?!?!?!?!?!?!?!  >:(
 ::) Well, I might as well burn the CD.
« Last Edit: April 10, 2009, 03:40:55 AM by Donovansrb10 »

Offline !Donovan

« Reply #49 on: April 10, 2009, 05:06:17 PM »
Ok, I'm doing ANOTHER scan with Spybot Search and Destroy. If that finds nothing, I'm going to try Malwarebytes' Anti-Malware.

Offline !Donovan

« Reply #50 on: April 10, 2009, 06:41:04 PM »
Spybot S&D found more viruses. I'm going to scan again to see what viruses it has after I deleted the viruses.


Offline !Donovan

« Reply #51 on: April 10, 2009, 11:19:09 PM »
Spybot S&D found two viruses.
Malwarebytes' Anti-Malware found one.
(No Spybot log because I don't know where they save it dir/ what?)

Malwarebytes' Anti-Malware Log:
Malwarebytes' Anti-Malware 1.36
Database version: 1959
Windows 5.1.2600 Service Pack 3

4/10/2009 5:03:32 PM
mbam-log-2009-04-10 (17-03-28).txt

Scan type: Full Scan (C:\|D:\|G:\|)
Objects scanned: 308887
Time elapsed: 3 hour(s), 17 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> No action taken.

How is MSN a virus?

Offline CharleyO

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7087
  • Be alert for error code - ID 10T
Re: Avast not detecting Trojan.Offiz. (FOLDER TYPE/NOT FILE TYPE!)
« Reply #52 on: April 11, 2009, 10:39:00 PM »
***

No, it does not indicate that MSN is a virus. It indicates that the riched20.dll has a problem.

Have you visited SmileyCentral or any other MyWeb/FunWeb sites?

A google search will tell you much. Here is one through ScanDoo.

http://g.s.scandoo.com/search?hl=en&meta=on&q=riched20.dll

And here are a few results that are relevant to the problem:

http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx

http://www.prevx.com/filenames/X191170003658458692-X1/RICHED20.DLL.html


***

Self-built desktop (8 years old) - AMD64 3200+_Gigabyte GA-K8NS Ultra-939_4 gb RAM_GeForceFX 5800w/256 ram_XP/SP3_Avast 7_MBAM_ZA Free __and__ Toshiba Satellite Laptop_W7-64bit_ 4 gb Ram_Avast 8_MBAM
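
As an added example (not part of the original posts, and not Malwarebytes code): a small parser for the text log layout pasted in this thread. It separates the flagged object, the signature name and the action taken, so the entry reads as "this file matched this signature" rather than "this application is a virus", and it checks the summary counts against the listed items. The function names and the trimmed sample log are assumptions made for illustration.

```python
import re

# Constructed sample: trimmed from the Full Scan log posted earlier in this thread.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.36
Database version: 1959

Scan type: Full Scan (C:\|D:\|G:\|)

Registry Keys Infected: 0
Files Infected: 1

Registry Keys Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> No action taken.
"""

SUMMARY = re.compile(r"^(?P<cat>[A-Za-z ]+ Infected): (?P<n>\d+)$")
SECTION = re.compile(r"^(?P<cat>[A-Za-z ]+ Infected):$")
ITEM = re.compile(r"^(?P<obj>.+) \((?P<sig>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_mbam_log(text):
    """Return (summary counts, detections) for the log layout shown in this thread."""
    counts, detections, section = {}, [], None
    for line in (l.strip() for l in text.splitlines()):
        if m := SUMMARY.match(line):          # "Files Infected: 1"
            counts[m["cat"]] = int(m["n"])
        elif m := SECTION.match(line):        # "Files Infected:" opens an item list
            section = m["cat"]
        elif not line:                        # a blank line closes the item list
            section = None
        elif section and (m := ITEM.match(line)):
            detections.append({"category": section, "object": m["obj"],
                               "signature": m["sig"], "action": m["action"]})
    return counts, detections

def unresolved(detections):
    """Detections the scanner reported but did not clean."""
    return [d for d in detections if d["action"].lower() == "no action taken"]

def counts_match(counts, detections):
    """True when every summary count equals the number of listed items."""
    return all(sum(d["category"] == c for d in detections) == n
               for c, n in counts.items())
```
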

Offline !Donovan

« Reply #53 on: April 12, 2009, 02:16:44 AM »
Ok, I'm getting a new problem now. When I went on the computer, after my account loaded, these weird things happened:
-I couldn't connect to the internet.
-Internet Explorer automatically opened.

(As I was just typing, A NEW VERSION OF VIRUS DATABASE HAS BEEN UPDATED!)

Offline !Donovan

« Reply #54 on: April 14, 2009, 11:28:30 PM »
***

No, it does not indicate that MSN is a virus. It indicates that the riched20.dll has a problem.

Have you visited SmileyCentral or any other MyWeb/FunWeb sites?

A google search will tell you much. Here is one through ScanDoo.

http://g.s.scandoo.com/search?hl=en&meta=on&q=riched20.dll

And here are a few results that are relevant to the problem:

http://www.microsoft.com/technet/security/Bulletin/MS07-013.mspx

http://www.prevx.com/filenames/X191170003658458692-X1/RICHED20.DLL.html


***



So how do I remove the "RICHED.DLL" virus if it reappeared after Spybot S&D deleted it?