Virus and tojan not discovered by avast

Hi All,

I’ve just used Ace Utilities to scan my startup programs and it discovered these two:

Item : MICROSFT ANTIVIRUS UPDATE SUPPORT
Name : “microsft antivirus update support”
Filename : [random 10-letter filename].exe
Database Status : Not required
Description : “Added by the RBOT-AQA WORM!”

Item : CTFMON.EXE
Name : “ctfmon.exe”
Filename : ctfmon.exe
Database Status : Not required
Description : “Added by the RAIDYS TROJAN!”

So I disabled system restore in preparation for removing them using avast, only problem is that avast doesn’t seem to pick them up.

Could somebody help me as I do not really want to purchase another Antivirus software just so I can remove these two. - The sophos website has instructions for removing them, so come on avast.

If you need any further information let me know.

Jon

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive.
Or VirusTotal - Multi engine on-line virus scanner

If detected by other scanners then send it to avast.
If you are not getting a virus warning that and you believe it is a new, undetected virus , then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces), or send from the chest.

Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected virus or false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

Hi Jon,

Are you running another resident antivirus program with avast? Widows One Care maybe? If you are this could be causing problems.

I don’t know about that random 10-letter filename.exe, but ctfmon.exe is a valid file name in MS Office.

In addition to DavidR’s recommendations try scanning with the free version of Ewido.