Trojan-Downloader.JS.Agent.foz missed by Avast

My computer got infected by the Trojan-Downloader.JS.Agent.foz. Avast missed it. It was in an html attachment in a “trusted” email.

I realized immediately that something wasn’t correct and reran avast scan on the html document and on the directory where it was saved. Avast still missed it. I found that Kapersky identified it 3 days ago. Another online scanner found the infected html document in the browser casche and quarentined it.

I ran Microsoft malicious tool scan, a full avast scan and the online scanner and do not find any other sign that the trojan was able to download code to my computer. I believe/hope that that is because this class of trojan uses activex to do it’s dirty work, and I have activex turned off in my browser. I have also been monitoring internet activity from my router and see no unexpected activity. Nor do I find any unknown files in my root directory where this class of virus puts stuff.

  1. I can’t find a list of known malwhere for Avast on the site. It this trojan known to avast today?
  2. Once a trojan is entered into the avast database will avast also scan for the payload the trojan will download?
  3. Is there an alternative to uninstalling avast and installing Kapersky since they know about this trojan?
  4. Are there any other steps to take to be sure that the payload of this trojan is not lurking somewhere other than a full rebuild of the disk drive?

sblevine

4. Are there any other steps to take to be sure that the payload of this trojan is not lurking somewhere other than a full rebuild of the disk drive?

Malwarebytes Anti-Malware 1.46 http://filehippo.com/download_malwarebytes_anti_malware/
always run update before you scan so you have the latest database
click on the remove selected button to quarantine anything found
you may post the scan log here

and if you are still not sure, you can also run
SuperAntiSpyware 4.43.1000 http://filehippo.com/download_superantispyware/
Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en
Dr.Web CureIt http://www.freedrweb.com/cureit/?lng=en