what to do if a trojan is found in system restore?

[samnetx]

One more time Trojans found in System Restore by MBAM.

I am unable to trace why it is happening again and again in System Restore.

I am surprised that SAS detected Comodo Memory Firewall infected files may be False Positive

samnetx

[samnetx]

Found something in System Restore again.
View the screenshot

How to send Quarantined files of Malwarebytes Antimalware to VirusTotal?

I searched for the infected file to be send to Virustotal for analysis which I have Quarantined earlier in MBAM but I am unable to search the same in my Hard disk.

Give me information to send file to virustotal which I have quarantined earlier in MBAM.

Tell me if I can enable the MBAM protection module after purchasing, I think it has no conflicts with avast.

samnetx 

[Lisandro]

How to send Quarantined files of Malwarebytes Antimalware to VirusTotal?

You can't, as it just allow restore and not extract to a different folder.
I won't worry that much. If it is a false positive, it's ok, you just broke that system restore point.
If it is infected, the system restore point is broken now, you can't use it.

Tell me if I can enable the MBAM protection module after purchasing, I think it has no conflicts with avast.

At least with version 4.8 of avast, MBAM resident is compatible.
Most probably it will be compatible also with avast 5 (not sure).

[samnetx]

Here is a VirusTotal of the infected file. It is Riskware and Trojan
(edit) I have used this software BPS Spyware Remover (Riskware) in the past as a Spyware Remover (downloaded from internet) and my computer crashed two time in two years. I recently deleted its files from the harddisk.

http://www.virustotal.com/analisis/1b90b4b5493533b0d42f36608f3850630a4df57ce4ebe85ddf65973ec3ca4fe0-1253830470

Give me your valuable suggestion, how to get rid of System Restore virus, trojans which are always found after few days.

samnetx

[Lisandro]

Disable System Restore on Windows ME, XP or Vista. After disabling you can enable it again.

[samnetx]

Trojans found
I scan my computer with MBAM regularly, today after updating my MBAM and then scanning I found Trojan in my computer.

Here is screen view of found Trojan
Trojan.Agent according to MBAM  
I have recent OS history of infected folder with this one but at that time the scans with MBAM may not be able to detect this.

file anaysis
http://www.virustotal.com/analisis/f05e0b9a6e426f1db6a3b6dab4d6c726b10901cd549524923b3703d390444ab9-1254239735

Give me information about more websites to scan infected files for analysis.

samnetx

[nmb]

Hello samnetx see this:

it'll solve your problem http://forum.avast.com/index.php?topic=49100.0

[DavidR]

I would say do nothing for now as these are the subject of an FP report by MBAM users.

Since you have quarantined these I would restore these so that avast will be able to use the actskin4.ocx.

It is always best to check to see if others have this problem, which nmb has posted.

[samnetx]

My avast home is started after quarantine of these files every time I start my computer.

You can view the image.

There are some enteries found by my registry cleaner may be relating to this file.

samnetx

[DavidR]

Do as I said earlier, restore the recent detections from Quarantine. Update to the latest MBAM database version 2886, which corrects this.

It is hardly surprising the registry cleaner finds this as you have them in quarantine.

[samnetx]

When I found my avast running in services I deleted the quarantined files

Now what to do about this.

samnetx

[Lisandro]

When I found my avast running in services I deleted the quarantined files

Now what to do about this.

samnetx

Can you try to repair your installation?
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove. Then choose Repair function in the popup window (Repair).
If this does not help, can you uninstall / boot / install / boot again?

[DavidR]

When I found my avast running in services I deleted the quarantined files

It is never advisable to delete in haste (you have no options left, leave them in quarantine whilst you investigate) as you can regret at leisure.

[samnetx]

Downloaded the latest version 4.8.1356 of avast home

I have repaired the installation of avast home

The file is now available in system32 folder (edit) and new file is not infected scanned with MBAM(Database Version 2887). It was False Positive earlier shown by MBAM in previous scan scanned with database version 2880.


samnetx

[samnetx]

Trojan found while scanning all files with SuperAntispyware. I scan with SAS with MBAM protection turned on and detected this. MBAM give message that something Malicious detected in HijackThis.log. I quarantined and restored the file for VirusTotal analysis but after restore SAS and MBAM detected nothing in this file. I don’t know where the Malicious thing gone away.

See the image of detection by MBAM.

No virus detected by VirusTotal
http://www.virustotal.com/analisis/b0820191d250d2a34c554c2d1a578c2fee05f29df2d6ce6fa7c83bc5480bd3f2-1254987948

I don’t know what is going on inside my computer.

samnetx