Just downloaded WinRAR 3.80 beta 3 from filehippo.com, and AVG has just done a scan to say that it's infected with the above trojan. No mention of said trojan anywhere else on the net. Is AVG right, should I be worried, or is this just bullshit?
Cheers
Tom
Perhaps download and run this-
http://www.majorgeeks.com/Malwarebyt...are_d5756.html
I'm still looking for something else thaT MIGHT be useful.
Sorry bout the caps. Haven't had my coffee yet.
Edit: Not sure where you were looking in the Internet, but I am seeing all sorts of results.
The most Beautiful thing we can experience is the mysterious.
It is the source of all true art and science.
~ Albert E.
Thanks, will give that a go.
By the way, isn't it like before 6am where you are? What the hell are you doing up at this time? It's past 2pm for me!
No, it's 8:00 right now.
I am going to keep looking (because this stuff is interesting), but have an appointment (maybe one of the awesome, knowledgeable dudes will show up), so am about to leave.
Are you positive it's ZCJ and not CCJ or BCJ?
Definitely ZCJ. It's in my AVG virus vault at the moment.
You might also dl HJT-
http://www.trendsecure.com/portal/en...kthis/download
and post your results here.
You could also go through the steps laid out by Castle Cops-
http://wiki.castlecops.com/Malware_R...tion:_Overview
Gotcha.
That is strange, cause I downloaded the latest spyware blaster from filehippo a while back and it too was infected with a trojan. I am wondering if AVG finds part of their software(s) as a false positive. It seems strange that filehippo would host an infected file, doesn't it? Very odd. I tried this same download on my main computer and EST Security did not detect anything.
Protest long enough that you are right, and you will be wrong
Well, if Symantec's information of a different variant of the virus is accurate for this version, then you will probably want to run your anti-virus in safe mode. To get into safe mode, hold F8 when Windows starts. Then just select run in safe mode. This works to remove viruses most of the time. That is, if the virus is still causing you problems; you did mention it's in your AVG vault.
Also, just a heads up. If you want an alternative to WinRAR, try 7zip; it's always worked great for me.
Anyone upset or offended by my post please follow the link and let your opinions be known.
http://www.zeropaid.com/bbs/showthread.php?t=55492
From my own experience I can tell you this method can be effective, but certainly no guarantee. I recently had a virus hiding in sys restore, that could not be removed, even in safe mode. However, after disabling sys restore I was able to remove it by running the same scan. It was only after running Housecall that I discovered where it was hiding though.
Often I will use my garage computer and plug the infected HD as a slave and run everything under the sun on it, including booting to MiniPE XT, which has several AV's and anti-spyware apps.
-----------®N®----------
Fuck you
I just want to amend what MR and ®N® have suggested.
Before you go into safe mode to run the AV or AM, I think you are supposed to turn system restore off.
Forgot about sys restore, mine's always off. Good catch RnR.
Hate to state the obvious, but why not download it from the official WinRAR site rather than a third party?
www.rarlabs.com
A little common sense is the best virus protection anyone could ask for...
A couple of sites I've been working on if you're interested: http://www.howtogetfaster.co.uk, http://www.documentaries.me.uk and a new startup http://thelocalseo.co
Greetings from Sweden :)
Yesterday, we downloaded a monopoly-game (about 2 year old torrent) from thepiratebay.org, opened up the folder where the file landed and directly got a popup from AVG telling that it had found the trojan: Trojan Horse Agent.ZCJ.
We ran AVG scan, successfully removed the trojan (that's what we thought at least).
I have two partitions of my harddrive, we removed the file we downloaded, and ran AVG scan again - threat still found, in WinRAR.exe.
Then we did a complete OS reinstall of Windows XP Pro SP2.
Installed all drivers and the applications we wanted to use.
When it came to WinRAR though... When we installed WinRAR (downloaded from www.rarlabs.com) we got the same friggin trojan.
Ran Ad-Aware, which found a lot of threats. We did not check the logfiles though, so we did not actually see what it found, but it removed the threat. Ran AVG - No threat. Ran Ad-Aware again, no threat.
So we believe that we have successfully removed the trojan by now, but we are not going to download WinRAR again, thus it seems that AVG reacts very strongly on it.
We are also currently using 7zip instead of WinRAR.
I guess I'm just lucky.
I dl'ed mine in 2005 when I started uni and have never had a problem with it.
Should I post the main.txt and extra.txt files from DSS? Would that help?