Hello,
I’m a new member to this forum who’s recently had a first-time virus detection experience. Unfortunately, I’m not the most tech savvy individual, and I deleted the items under alert, which I have since learned may not have been the best course of action. Given this and the information I’ll provide below, I have several questions/concerns I hope you’ll be able to address.
INFORMATION
- Detected via: Standard Manual Scan
*Also via background scanner when I opened the folder containing the program (AoAAudioExtractor.exe) and its various complements
- Source/Avast log report (slightly modified):
11/07/2008 9:29:55 AM USER Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Program Files\AoA Audio Extractor\AoAAudioExtractor.exe” file.
11/07/2008 9:32:05 AM SYSTEM 1916 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Program Files\AoA Audio Extractor\AoAAudioExtractor.exe” file.
11/07/2008 9:48:32 AM USER Sign of “Win32:Trojan-gen {Other}” has been found in “C:\System Volume Information_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP242\A0033550.exe” file.
Note: I don’t really remember what the initial notification said, but the word ‘Worm’ was mentioned when the various alerts came up.
- I downloaded the program early 2008 – maybe Feb/Mar
- I haven’t noticed any unusual performance problems, activities or changes since installing the program in question
QUESTIONS
- Since I’ve had the infected program for about five months now, and have been running manual system scans (often in thorough mode), I can only presume the positive hit is a result of some new definition that I obtained in my latest update (which was today). Given that Avast has been missing the problem for so long, how do I know if Avast has gotten everything that needs getting?
- I tried to do a bit of research on the problem, and, while I’m not terribly experienced, one of the things I came across was mention that it might be a back door function of some kind. I’m fairly certain the limited financial information on my computer hasn’t been harvested, and I haven’t noticed any functional problems or oddities with my computer, but is there any way to tell if some third party has been rummaging around and/or making changes to my system?
- Looking back, I’m a little bit concerned about deleting the ‘C:\System Volume…’ item. Do you think it might be a problem, and should I try to take steps to bring it back (perhaps perform a system restore)?
- Finally, I actually found the program that was infected quite useful to have, and, although I didn’t use it terribly often, I wouldn’t mind having it back. I’m not sure where I initially downloaded it from (although I don’t tend to be very adventurous with such things), but, thinking back on how I found it and obtained it, I think it’s possible I may have picked up a tainted version (it is freeware, after all). Do you know some place I can go to enquire about the program, whether it intrinsically contains malicious software or whether it might be ok from more reputable sources? Also, if I do decide to re-download it, is there some way I can do it in a secure fashion, so that I can scan the download/program before allowing it to live freely on my computer?
Thanks for the help.