My computer got recently infected with the virus bsr.exe and Avast did not detect it. However, it did detect and stop the attempts of the malware to try to access different porn websites. A scan using Avast came up clean.
I thought I had successfully removed it, but after I downloaded and ran Malwarebytes, it found 3 infected files (I don’t know whether they’re related to the original one):
Files Infected:
c:\documents and settings\Owner\local settings\Temp\Bsp.exe (Trojan.Downloader) → Quarantined and deleted successfully.
c:\WINDOWS\Tasks{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) → Quarantined and deleted successfully.
c:\WINDOWS\Tasks{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job (Trojan.Downloader) → Quarantined and deleted successfully.
Thank you very much for your recommendation and your help, I hope my good old computer behaves for a bit longer
Well I guess they are related, the .job task schedulers would be responsible for running the attempts to download which were being detected and blocked by avast. The bsp.exe is a bit too close to the bsr.exe to be coincidental for me (unless that was a typo).
So I would delete the .job entries in the MBAM Quarantine, if you didn’t send the bsr.exe to avast you should send them the sample and also the bsp.exe.
You obviously can’t send the bsp.exe to avast from the MBAM quarantine, so you would need to first export it before adding it (a copy is taken) to the avast chest. Whilst MBAM sends it back to the original location, there should be little risk as the .job tasks aren’t in place and it would only be for a short time to get it to the avast chest and run MBAM again to deal with it.
Send the sample/s to avast as a Undetected Malware:
Open the chest and right click in the Chest and select Add, navigate to where you have the sample and add it to the chest (see image). Once in the chest, right click on the file and select 'Submit to virus lab...' complete the form and submit, the file will be uploaded during the next update. The actual file remains in the original location as this is just manually copying it to the chest, you need to deal with the file using MBAM again.
Or
Send the sample to [b]virus (at) avast (dot) com[/b] zipped and password protected with the password in email body, a link to this topic might help and false positive/undetected malware in the subject.
Safer and quicker option is send from the chest.