Fake Antivirus U Found In Registry

Avast will not detect this even with a boot scan. Stopzilla finds it but can’t remove it. Help! Thanks!

Send the sample/s to avast as an Undetected Malware:
Open the chest and right click in the Chest and select Add, navigate to where you have the sample and add it to the chest (see image). Once in the chest, right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update. Note: manually adding to the chest doesn’t remove them from the original location, so they still have to be dealt with in that location.
Or
Send the sample to virus (at) avast (dot) com zipped and password protected with the password in email body, a link to this topic might help and false positive/undetected malware in the subject.

MBAM is also quite good on Fake/Rogue AVs, etc.
MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File As (depending on your browser), save it to a location where you can find it easily later. Download, Install, Update, Run and post the contents of the log.

MBAM & Hitman Pro didn’t detect it either! Sorry for not including these two.

Crucial issue now is to send the sample to avast so it can be analysed and included (before it is removed and the opportunity lost).

This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the logs and attach the logs here.

ragweed,

See here: http://answers.yahoo.com/question/index?qid=20081109060830AAntuaj for info about STOPzilla.

David R is right in posting the above, as you are asking for help in posting an undetected malware. However, anything that is said to be a rogue program in reputation is inherently stated to produce fake results.

Thought you might want to know.

Well, another program got rid of the nasties: Unins000.dat & Unins000. My PC is working A-OK now & Stopzilla is not finding Zip. Malwarebytes did find ’em, but I was afraid to use the File Assassin on them, fearing the Blue screen of Death…!

To be fair I will say I ran free online scans of: Nod32, Panda & Kaspersky. Kaspersky did find many Locked files on my PC, but I am no computer whiz as to what this means. Kaspersky also found Zip along with MRT & Windows Defender. So, I can’t blame Avast at all…! In fact Avast did save me from a malicious script!

Have you tested the file(s) at VirusTotal?

You need to post the suspicious files to avast! and also here: http://www.virustotal.com/ with 44 anti-virus scanners available.

See here re STOPzilla @ WOT: http://www.mywot.com/en/scorecard/stopzilla.com Read users’ comments for more info. I find WOT (Web Of Trust) useful in avoiding bad or malicious sites.

If you still need help, let Essexboy know. He is the resident anti-malware expert here.

Not sure you can post a registry entry in VirusTotal and get a result.

The infected file is in Stopzilla & I don’t know how to do it. I am an average Joe & not computer savvy.

In Stopzilla virus chest it is listed as: vr32!hkus\s1-5-21-1099877974-96133589-1210680582 fake antivirus u… Hope this helps!

Looks more like a registry key than a file.

I still believe you need to run OTL as that is a good analysis tool (first) to ensure that everything has gone.