Author Topic: Avast Pop up malware Blocked trojan??  (Read 4469 times)

0 Members and 1 Guest are viewing this topic.

mama66

  • Guest
Avast Pop up malware Blocked trojan??
« on: March 13, 2011, 10:41:15 PM »
Hi ,Avast prevented a malware infection which im very pleased about! But I would like to understand what this is,, because i am not sure if i should use the program now.The reason im wondering about this, is my computer was idle when the popup came. the only thing open on my computer was my email program and i wasnt using the computer.  Here is the pop up message 

"MALWARE BLOCKED

avast file system shield has blocked a threat.
Object: C:\MicroGaming\Poker\PokerTimeMPP\install.exe
Infection: Win32:Trojan-gen
Action:
Process: C:\Windows\System32\rundll32.exe
 
The threat was detected and blocked just before the file was opened."

I have not had the pokertime program opened for several weeks, so I am not sure what this threat was all about. I don't know anything about this stuff so just wondered if someone could explain to me what this means . I undertsand that avast blocked it before it caused a problem, but where would it have come from? Does it mean there is a problem with my pokertime program? Any help would be greatly appreciated. Thank you, Cindy

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Avast Pop up malware Blocked trojan??
« Reply #1 on: March 13, 2011, 10:51:06 PM »
- The avast Win32:Trojan-gen is a generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware and is a fine balance between detecting a new variant and detecting something valid as infected.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\*
That will stop the File System Shield scanning any file you put in that folder.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Avast Pop up malware Blocked trojan??
« Reply #2 on: March 13, 2011, 10:52:35 PM »
If this is the one you have downloaded and installed ( Setup_PokerTime.exe ) downloaded from here ( pokertime.eu/download/ )

Then there is not only avast that does not like it

VirusTotal - Setup_PokerTime.exe - 6/43
http://www.virustotal.com/file-scan/report.html?id=fab47911266e03143803a692a586c0d37d56aef63b51e270781ddc122b045f87-1300052703


Malwarebytes detect it as - PUP.Casino.Gen

A PUP (potentially unwanted program) - http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1066761,00.html


« Last Edit: March 13, 2011, 11:08:26 PM by Pondus »

mama66

  • Guest
Re: Avast Pop up malware Blocked trojan??
« Reply #3 on: March 13, 2011, 11:41:21 PM »
Thank you for the replies! I scanned pokertime with both avast and avg and the scans were clean. I have used this program for several years, but just redownloaded it onto a new computer in february. I had another one of micro gamings programs a few years ago and ended up uninstalling it because of so much spyware and constant popups. So I'm guessing this is just a different form of their spyware?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Avast Pop up malware Blocked trojan??
« Reply #4 on: March 13, 2011, 11:51:20 PM »
Quote
I scanned pokertime with both avast and avg and the scans were clean.
do you have avast and AVG installed ?


installing multiple AV programs can create all kind of mysterious windows errors and False Positive detections

see reply from quietman7
http://www.bleepingcomputer.com/forums/index.php?s=7c8217673a726b92cfc91ecfd4294a29&showtopic=260844&view=findpost&p=1441638

Removal tools for AV programs can be found here http://uninstallers.blogspot.com/
« Last Edit: March 13, 2011, 11:53:39 PM by Pondus »

mama66

  • Guest
Re: Avast Pop up malware Blocked trojan??
« Reply #5 on: March 14, 2011, 12:00:31 AM »
 :-[   I actually downloaded AVG by mistake, while trying to download avast.I didnt really notice it until after the download ,when it said i would have avg free for 30 days. I thought i remembered something about not having 2 anti virus programs at same time, but figured when i downloaded avast it would give me a pop up about AVG. I didnt get a popup and planned to uninstall avg anyway, but had an appt. to get to, so I totallt  forgot about it again until now. Im sorry to have wasted any of your time and thank you so much for pointing my mistake out!! I will uninstall avg now and hopefully won't have to bother you again. Thanks again very much!








Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Avast Pop up malware Blocked trojan??
« Reply #6 on: March 14, 2011, 12:05:16 AM »
Quote
I will uninstall avg now and hopefully won't have to bother you again. Thanks again very much!
You are welcome, and We are in here bc we like to be bothered  ;D

mama66

  • Guest
Re: Avast Pop up malware Blocked trojan??
« Reply #7 on: March 14, 2011, 12:11:07 AM »
 ;D  Well then thank you very much for liking being bothered!! ;D ;)