HardwareHeaven.com
Windows XP Radeon Display Drivers The official Omegadrive support forum. Also discuss ATI's Catalyst Control Center and windows drivers here.

Sep 9, 2005, 04:38 PM   #1
Pelk (DriverHeaven Newbie)

Trojan in omega 5.7??

How come, when I ran my antivirus today, it found a Trojan Horse Downloader.agent.xs in the installation file for omegadriver 5.7 (2653)? Could the virus have gotten there after I downloaded the file? I've had it for quite a long time now and I have scanned for viruses before, but then it didn't find anything. Strange. However, I deleted the file, but do you know if this virus may still be on the computer? I used AVG, but maybe there is some better free antivirus.

PS: My English may not be the best.


Sep 9, 2005, 04:43 PM   #2
Warpy (DriverHeaven Senior Member, Donator)

Perhaps your pc is infected with a virus and has infected any exe files that you run... I'd say if this file was in fact infected with a nasty virus, you would be one of thousands with this problem. Perhaps run a virus scan on your PC and an adaware scan too.

Adaware

Spybot S+D
__________________

The nine most terrifying words in the English language are, "I'm from the government and I'm here to help."

Last edited by Warpy; Sep 9, 2005 at 05:00 PM.
Sep 9, 2005, 04:46 PM   #3
Pelk (DriverHeaven Newbie, thread starter)

I found the virus when I ran a virus scan, then I deleted it. I'm running it again to see if it finds anything more. I didn't find anything with Adaware, so if I don't find it with AVG the second time, can I consider it to be gone then? Or is there something more I can do?
Sep 9, 2005, 04:53 PM   #4
Warpy (DriverHeaven Senior Member, Donator)

Quote:
Originally Posted by Pelk
I found the virus when I ran a virus scan, then I deleted it. I'm running it again to see if it finds anything more. I didn't find anything with Adaware, so if I don't find it with AVG the second time, can I consider it to be gone then? Or is there something more I can do?

There are free online scans that I'd recommend, like this one: Trend Micro Scan, and this one: Norton Scan

Run the adaware and S+D, reboot your PC when the scan is complete and then run the online scan with that link I gave you, then you should be clear.
Last edited by Warpy; Sep 9, 2005 at 05:00 PM.
Sep 9, 2005, 07:47 PM   #5
The_Neon_Cowboy (HardwareHeaven Extreme Member)

Just a few side notes:

1) Make sure you download things from official mirrors, or god knows what people can pack inside.

2) Also, it can be a false positive, which happens frequently with the more obscure antiviruses.

3) Be careful with the sites you visit; some use exploits in IE to load crap on your PC silently.
Sep 10, 2005, 05:14 AM   #6
sc3000 (DriverHeaven Lover)

This is the ultimate online scanner, http://www.pandasoftware.com/products/activescan.htm
Sep 10, 2005, 06:29 AM   #7
H3X4D3C1M4L (DriverHeaven Extreme Member)

Quote:
Originally Posted by The_Neon_Cowboy
2) Also, it can be a false positive, which happens frequently with the more obscure antiviruses.

A false positive in this case would be more widespread because it would contain a binary sequence that's universal to all packages and if it resembled a virus, obscure or not, I'm sure more people would notice.
Sep 10, 2005, 06:48 PM   #8
Pelk (DriverHeaven Newbie, thread starter)

I used the online scanner that sc3000 recommended and it found 2 things that none of the others found. It was in the category "hacking tools" and it was found in a hidden folder (C:/windows/system/driver). The file was named ntsrv.exe. I couldn't remove it or anything with the program, and even if I scan that exact file with AVG it finds no virus. I don't really know if it's good to just delete the file. I can't really remember where the other file was, but I will check it out.


EDIT: The other one was found in C:\windows\system32\dllcache\win32 and was called psshutdown.exe. The description for the file was: shutdown, logoff and power manage local and remote systems. The company was www.sysinternal.com.

Does anyone know what I should do with these files? Is it safe to delete them?

Last edited by Pelk; Sep 10, 2005 at 07:18 PM.
Sep 12, 2005, 05:50 PM   #9
Omegadrive (Drivers? What Drivers???)

Guys, I got a few emails telling me about this. I checked my files with my AV (Kaspersky) and found nothing; also, we did a scan on the server, nothing. The server is protected 24/7 from viruses using NOD32, and it hasn't reported anything either.
It is safe to say this is yet ANOTHER false-positive from AVG (which I don't know why people keep using, since it detects too many false-positives). Try updating your virus definitions or use another AV. You can rest well tonight.
__________________

DRIVERHEAVEN ADMINISTRATOR

GOD BLESS YOU ALL!
Sep 12, 2005, 06:50 PM   #10
swimtech (HardwareHeaven Extreme Member)

I use the German AntiVir program - works great and doesn't seem to use as many clock cycles as AVG.

Tonite eh? Thanks Omegadrive!
__________________
It's not so much getting your way that matters or not - what matters is how you go about getting it.