I have the Standard Shield set to scan ALL files… Well, I let someone use my computer today… and at the end of the day I went to clear out all my temp files and my internet cache… and avast found a Beagle variant… My question is this… If avast is set to scan ALL files… then why was it only found when I went to empty the cache? Shouldn’t it have found the file on d/l? Just a curiousity of mine.
What is the filename?
Where is it located?
Did the person that used your comp just ignored the Avast warning?
Was the file orignialy “zipped”?
Does it have a extension?
I think nr3, is in order here. But you probably never know. I doubt someone will say, “yes I got a virus warning but just ignored it”
No virus warning. The virus was in the temp internet files. I believe it came over through an asf file…as they were looking at funny animation movies. And I noticed that some of them were .asf ext. I was there… I didn’t even suspect. I didn’t worry much about because I figured avast would pick most things up when d/l to the cache… :-\
I have spywareblaster installed and updated… Spybot S&D resident protection installed…all updated… avast all current updates… Windows xp all patches installed… Spywareguard…running… Sygate… It is interesting to me that this would get by avast. Browser is FireFox 0.9.2
here is where it was found
Application Data\Mozilla\Firefox\Profiles\default.cyf\Cache.Trash\Trash\Cache\8F77EAC4d01"
What is your exaxt settings of the Standard Shield?
Scanner (Basic):
All settings are checked.
Scanner (Advanced)
Scan Files on Open is checked.
Always scan WSH-script files is checked.
Scan created/modified files is checked.
Radio button “All Files” is selected.
ALL Providers are running :-\
Another interesting thing. I ran Spybot S&D and it said it found SC-Keylog on my upstairs pc and my downstairs pc. This is really odd. And AdAware’s icon target on BOTH systems was changed to it’s install log…and the icon was renamed UNWISE.exe.
Cleaned everything off the pc’s that I can find. Many many scans… Everything is updated. I have never had a problem before. My friend did NOT use the downstairs system. The two are connected to a router, but sharing is NOT enabled. The SC-Keylog was found on BOTH systems… :-\ I just don’t understand it.
I don’t look at Porn sites… I don’t look at Warez Sites… I don’t open odd email attachments… all my email is scanned by avast… I feel so… violated Both systems are running perfectly though… I guess all is well now.
Could it have been a false alarm? It is listed in the log as Win32:Beagle-gen [Mail]
I never seen SC-Keylog installed automaticly, not saying it isn’t possible, but I think that someone has deliberatly put that on your systems. See if you can find the log file it creates, most likely it is not in the same folder the application is in but somewhere in the windows or system(32) folder. Since it is possible for the application to send the log it creates to a e-mail address, also check your mailer prog to see if it has send something you where not aware off. Let’s see if this tells us something more.
Artras,
I can find no log file. I believe SC-Keylog is a false positive. I was thinking…what files have I transferred between the two systems… or what commonality is there…since this SC-Keylog showed up. I’ve pinned it down to one thing that was done to the two systems. I d/l the Beta detections for SpyBot S&D. I believe that is what caused the SC-Kelog false positive. I still can’t figure out how Beagle got on my system without avast catching it immediately. Really appreciate the help