Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




94 posts

Master Geek


Topic # 8961 9-Aug-2006 21:40
Send private message

I usually have my Vodafone Connect Card plugged into my laptop at all times and use it occasionally. Today, I double-clicked on its icon and my Avast antivirus popped out instantly advising me that it contains a virus (win32:Agent-ATQ) which I moved to the Chest as recommended. Then, the Vodafone software prompted me for a reinstall and asked to insert the Vodafone installation CD, which I did.

The re-installation did not work at first, but after a few phone calls with Vodafone support (who obviously told me that the virus is not in Vodafone's software), I managed to reinstall the software. However the virus warning appeared again.

The first thing I did then was to run a scan with my Avast antivirus. It found 2 occurrences of

Sign of "Win32:Agent-ATQ [Trj]" has been found in "C:\Program Files\Vodafone\Vodafone Mobile Connect\UpdateX.dll" file.

and also

Sign of "Win32:Agent-ATQ [Trj]" has been found in "E:\Software\VMC\program files\Vodafone\Vodafone Mobile Connect\UpdateX.dll" file.

the latter being on Vodafone's installation CD, which was inserted in my CD drive at that time, and being scanned by Avast.

I then ran the scan at boot time and it found 2 more occurrences of the dll in C:\System volume information\_restore{5432 ...etc}. I put everything in the Chest.

Is Vodafone's CD infected? Anybody else experiencing this?

At this stage, I have removed the card and the CD from my laptop, and I am reluctant to put them back in.


Create new topic
BDFL - Memuneh
60290 posts

Uber Geek
+1 received by user: 11345

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 43641 9-Aug-2006 21:42
Send private message

I recommend you perform an on-line scan with other tools. My Avast Server and Avast desktop both complained about a file that has been safely used for the last year, without any changes. I suspect it's a false positive.

I would expect virus to be reported on a new file, and then spread to other files. It's very unusual for a virus to show up on an old file, out of nothing.







94 posts

Master Geek


  Reply # 43642 9-Aug-2006 21:45
Send private message

Alright, I'll run an online scan tomorrow, although it might be too late now, as the suspicious files have been moved to Avast Chest. I'll keep you informed.

 
 
 
 


Try Wrike: fast, easy, and efficient project collaboration software
I iz your trusted friend
5779 posts

Uber Geek
+1 received by user: 137

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 43643 9-Aug-2006 21:46
Send private message

I got that today too, which I think is false positive. After it was moved to the Chest, VMC doesn't work on the next run.

So I moved the file from Chest, back to VMC folder and renamed it back. And all worked again.


Oh yes, I am using Avast! 4 Home.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 




94 posts

Master Geek


  Reply # 43644 9-Aug-2006 22:00
Send private message

chiefie: Oh yes, I am using Avast! 4 Home.


I am using Avast! 4.7 Home too.

I iz your trusted friend
5779 posts

Uber Geek
+1 received by user: 137

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 43645 9-Aug-2006 22:18
Send private message

hehe.. i say you'd be safe... it very highly be false-positive.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


19282 posts

Uber Geek
+1 received by user: 2600
Inactive user


Reply # 43662 10-Aug-2006 09:51
Send private message

markwolk what version of VMC software you using thanks

There is no way its a virus

I iz your trusted friend
5779 posts

Uber Geek
+1 received by user: 137

Mod Emeritus
Trusted
Lifetime subscriber

Reply # 43663 10-Aug-2006 09:55
Send private message

i'm using the latest version from Vodafone NZ site. And i get the Avast alert for the file updateX.dll. Weird huh?




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


BDFL - Memuneh
60290 posts

Uber Geek
+1 received by user: 11345

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 43665 10-Aug-2006 10:05
Send private message

I see in the Avast forums a few people complaining about virus being found on Google toolbar and others, with the same Trojan found on my old software. I think it's a bunch of false positive.

Again, test with other software. Online scans from Trendmicro are good.







94 posts

Master Geek


  Reply # 43669 10-Aug-2006 10:30
Send private message

johnr: markwolk what version of VMC software you using thanks.(...) There is no way its a virus
I use 7.0.607.374. I was unaware that it is possible to upgrade online. I haven't had the time to do the online scans yet; I will keep you posted.



94 posts

Master Geek


  Reply # 43699 10-Aug-2006 17:21
Send private message

OK, so I ran Panda online scan, the only online scan to my knowledge that allows scanning a CD inserted in the PC. It scanned Vodafone's CD and did not find any virus in it. I also ran Symantec's and Trendmicro's online scans of my hard drives, and nothing at all was detected. Avast's false positive seems like a good assumption.

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Exhibition to showcase digital artwork from across the globe
Posted 23-May-2018 16:44


Auckland tops list of most vulnerable cities in a zombie apocalypse
Posted 23-May-2018 12:52


ASB first bank in New Zealand to step out with Garmin Pay
Posted 23-May-2018 00:10


Umbrellar becomes Microsoft Cloud Solution Provider
Posted 22-May-2018 15:43


Three New Zealand projects shortlisted in IDC Asia Pacific Smart Cities Awards
Posted 22-May-2018 15:14


UpStarters - the New Zealand tech and innovation story
Posted 21-May-2018 09:55


Lightbox updates platform with new streaming options
Posted 17-May-2018 13:09


Norton Core router launches with high-performance, IoT security in New Zealand
Posted 16-May-2018 02:00


D-Link ANZ launches new 4G LTE Dual SIM M2M VPN Router
Posted 15-May-2018 19:30


New Panasonic LUMIX FT7 ideal for outdoor: waterproof, dustproof
Posted 15-May-2018 19:17


Ryanair Goes All-In on AWS
Posted 15-May-2018 19:14


Te Papa and EQC Minecraft Mod shakes up earthquake education
Posted 15-May-2018 19:12


Framing Facebook: It’s not about technology
Posted 14-May-2018 16:02


Vocus works with NZ Police and telcos to stop scam calls
Posted 12-May-2018 11:12


Vista Group signs Aeon Entertainment, largest cinema chain in Japan
Posted 11-May-2018 21:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.