Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems Understanding Avg Advice.


  • Please log in to reply
3 replies to this topic

#1 Mrs_Erceg

Mrs_Erceg

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 02 June 2008 - 07:35 AM

Hello everyone, ok where do i start. I am using AVG free edition software.

When i go to virus vault there appears to be two Trojan virus' in storage.

I didnt know what to do so i decided to look at the details. Here is what they say:

The differences between the two is the date of detection and Object path.

Object name: cximage. dll
Object path: C:\Programme files\Common Files\Ahead\Lib\
Discovery: Trojan horse Generic10.ABRY
Date of detection: 23/05/2008 18:48:45
Source computer: DSA-1114269
Finder: User
File size: 800KB (819200 bytes)
Healable: No
Source: Backup copy
Status: Infected

Object name: cximage. dll
Object path: C:\Programme files\Nero\Nero 7\Nero Vision\
Discovery: Trojan horse Generic10.ABRY
Date of detection: 23/05/2008 18:48:46
Source computer: DSA-1114269
Finder: User
File size: 800KB (819200 bytes)
Healable: No
Source: Backup copy
Status: Infected


As i couldnt understand what was supposed to happen to them or which option i should choose while they were in the vault, i thought i would check the files names in the Object path to see if anything came up.

I was thinking that i should look for the file name "cximage. dll" in C:\Programme files\Common Files\Ahead\Lib\ and delete and do the same in the C:\Programme files\Nero\Nero 7\Nero Vision\ one.

Question: Would this have been the correct thing to do?

Question: When i followed the "object paths" i was unable to find the "cximage dll". Does that mean that the virus is not functioning on my computer and it has already been resolved (hense it being in the virus vault?)?

After all this, i suddenly had the genius idea that i should just go and see what AVG online services advise...which i perhaps should have done in the first place, lol. :thumbsup:

At first it advised me to empty vault: here

1314:
I have some files in the AVG Virus Vault. What next?

Most of today's viruses (Trojan horses, I-Worms, Worms, etc) create their own files which contain nothing but a body of the virus. In such cases the only way to remove the infection is to delete the infected file. When you moved the file to the AVG Free Virus Vault it was deleted from its original location, coded, and then saved in a non-executable file in a hidden folder. Your PC is no longer infected then.

If you are not missing any data file and your applications are running, then you can delete these vaulted files from the AVG Virus Vault program:

* Double-click the AVG Free icon on your desktop -> choose the "History" menu and select the "Virus Vault" option -> click on the "Empty Vault" button.


And then i noticed the: "1316: A virus has been found with the "Infected, Embedded object" status" here. I remembered that when i looked at the vault details (listed above) it said "infected" in the status section and so i thought that this instruction would be relevant to my case and followed.

These are the instructions:

1316:
A virus has been found with the "Infected, Embedded object" status

If a virus is found during an AVG Free test and the status is Infected, Embedded it means that the virus file is part of an archive file (ZIP, RAR, CAB‚) or part of a self-extractor archive (EXE). AVG Free detects this file of course but is not able to remove this file automatically from an archive file and compress it again without this infected file or move it to the Virus Vault automatically because of data security.

We have chosen the user interaction method in this case of virus removal. Please follow these steps to remove this kind of virus files:

1. Move it to the Virus Vault‚€œ if the size of the archive is less than 5 MB.

Choose Test Results (run AVG->choose History menu->click on the Test Results item) in the Test Result mark the line with the infection (click on the line with the red exclamation mark icon)->choose the Move to Vault button.

2. Delete the archive‚€œ if the size of the archive is more than 5 MB it‚„s not possible to move it to the Virus Vault.

!Please make sure if this archive doesn‚„t contain your important data!

Choose Test Results (run AVG->choose History menu->click on the Test Results item) in the Test Result mark the line with the infection (click on the line with the grey exclamation mark icon)->choose the Go to file button, you will be transferred to the archive file automatically and you can delete it by right-clicking on its name and left-clicking the "Delete" option from the menu.

Please note

If you have deleted the archive file you also have to empty the Recycle Bin where the deleted archive file has been removed to:

* Double-click on the Recycle Bin icon on the desktop of your computer
* Choose File menu and the Empty Recycle Bin option


Problems with the first instruction "1. Move it to the Virus Vault"

I followed all the instructions easily, a red file appeared that showed up at 18:18 on the 23/5/08 with two threats and 58760 objects but with 0 errors so i figure it must have been related to the two Trojans which were detected at 18:48...or perhaps they are unrelated, i do not know. Anyway, i thought i would deal with this anyway as it looked dodgy. The next instruction is select the file and then: "choose the Move to Vault button." There was no "Move to Vault" button. There was a "Remove" button, but no "Move to Vault" button.

Question: Was this "Move to Vault" option not available because it had already been resolved?

I would appreciate any advice or links you can give with regard to resolving this.

Love Mrs_Erceg

Edited by Mrs_Erceg, 02 June 2008 - 07:43 AM.


BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:05 AM

Posted 02 June 2008 - 11:09 AM

that file(same size) has been there in nero 7 for over 2 years

looks like avg is going to make a lot of nero users mad
Chewy

No. Try not. Do... or do not. There is no try.

#3 Mrs_Erceg

Mrs_Erceg
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 02 June 2008 - 01:32 PM

that file(same size) has been there in nero 7 for over 2 years

looks like avg is going to make a lot of nero users mad



I am sorry Dachew, i do not understand can you please explain?

Which file are you referring to? The one that has been there since 23rd of May 2008?

Thanks alot

Love Mrs Erceg.

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:05 AM

Posted 02 June 2008 - 02:00 PM

avg got a new update last month, it then decided that any file named that no matter where it was on the computer was that trojan

I googled this for quite some time even though I knew AVG has been having one incidence after another lately like this

I do not reccomend it any more as a av solution

http://www.google.com/search?hl=en&q=c...G=Google+Search

http://www.google.com/search?hl=en&q=c...in%C2%A0results

sorry to say avg dropped the ball here, you might report it to them
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users