Hi guys,
I was installing Bittorrent (from the official bittoreent inc website) and after downloading, installing and then running it for the first time, I got an Avast ping with a webshield alert for Win32:Evo-gen [Susp] saying that it had blocked it. However, a few seconds later and I got a second ping alert saying that Win32:Evo-gen [Susp] had been found on my computer and moved to the chest.
The file shows as ‘~sp57B6.tmp’ and the location is ‘AppData\Local\Temp’ and the name of the threat is ‘Win32:Evo-gen [Susp]’
(Just to clarify, I wasn’t actually downloading, just literally opening the window for the first time. The torrent programme has adverts on it like webpages though, so I’m thinking that’s where it’s from? a) cos it pinged a webshield up first like when a dodgy ad is on a site and b) the top advert stopped playing once the avast alert pinged, as if it had been blocked)
So it’s now in my chest, but after checking online for Win32:Evo-gen [Susp] I read that there can sometimes be stuff left behind, especially if it’s a rootkit. I know nothing about this stuff so was hoping you guys could check for me.
I’ve attached the logs. I couldn’t get the text format for the malware bytes one, so had to copy the xml one to a text file…however, it still lists the 13 (I think) items it found in the scan…that weren’t there five days ago when I scanned last.
So my question really is a) is there something nasty still on my computer…if so, how do I get it off, and if not…b) those 13 items found in malwarebytes and the Win32:Evo-gen [Susp] are sat in quaratine/chest. Is it safe to just leave them there or should I be doing something else to properly scrub them off my system?
Thanks in advance guys!
