jana
asked on
Please explain these infections BehavesLike.Win32.Malware.klt (mx-v), Trojan.Win32.Generic!BT, rojan-Dropper.Win32.Agent.bjw and Zango[780]
We just downloaded and installed Ad-Aware 9.0.5 Spyware on a computer. After running Ad-Aware, it found the following attackers:
1 .BehavesLike.Win32.Malware .klt (mx-v)
2. Trojan.Win32.Generic!BT
3. Trojan-Dropper.Win32.Agent .bjw
4. Zango[780]
(see also actual messages in the code/snippet area within this page)
We also have installed in this PC: Avg antivirus, Malwarebytes' Anti-Malware, Spybot - Search & Destroy, SpywareBlaster, SpywareGuard and SUPERAntiSpyware.
These 7 software are run periodically and 3 of them (AVG, SpywareGuard and Spybot) are in memory always.
We need some explanation of our situation:
1. Why the 7 software never identified those four attackers?
2. Out of the 4 files infected, SQLassist (sqlassist.exe & sqlassist.dll) is a tool
for our SQL guy. How does those two files (sqlassist.exe & sqlassist.dll)
cause any problem (our SQL uses it everyday)
Thanx in advance
1 .BehavesLike.Win32.Malware
2. Trojan.Win32.Generic!BT
3. Trojan-Dropper.Win32.Agent
4. Zango[780]
(see also actual messages in the code/snippet area within this page)
We also have installed in this PC: Avg antivirus, Malwarebytes' Anti-Malware, Spybot - Search & Destroy, SpywareBlaster, SpywareGuard and SUPERAntiSpyware.
These 7 software are run periodically and 3 of them (AVG, SpywareGuard and Spybot) are in memory always.
We need some explanation of our situation:
1. Why the 7 software never identified those four attackers?
2. Out of the 4 files infected, SQLassist (sqlassist.exe & sqlassist.dll) is a tool
for our SQL guy. How does those two files (sqlassist.exe & sqlassist.dll)
cause any problem (our SQL uses it everyday)
Thanx in advance
Description: c:\program files\sql assistant\data\sqlassist.dll Family Name: BehavesLike.Win32.Malware.klt (mx-v) Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5: xxx
Description: c:\users\username\documents\tmg-trecorder32.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 3 Family ID: 0 MD5: xxx
Description: c:\users\username\documents\convertsbatch&scipts-to-execs,exescript.exe Family Name: Trojan-Dropper.Win32.Agent.bjw Engine: 3 Clean status: Success Item ID: 4 Family ID: 0 MD5: xxx
Description: c:\users\username\documents\vlcsetup.exe Family Name: Zango[780] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: xxx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I didn't know that tidbit on Kaspersky as one of the most thorough.
yes that's what we were going to do, set ignore in ad-aware.
can you provide more online scanner you would recommended?
yes that's what we were going to do, set ignore in ad-aware.
can you provide more online scanner you would recommended?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THANX
ASKER
Understood on the info. We also run it by http://www.kaspersky.com/virusscanner and it cam out clean, both SqlAssist files.
Yest the tool greyknight17 recommended http://www.virustotal.com, presented infection.
So we kind of confuse here.
- Are these 2 files really infected or is it a false positive as rpggamergirl indicates?
- Are there more online scanners that recommended that we can run it by?