Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


markwolk

101 posts

Master Geek


#8961 9-Aug-2006 21:40
Send private message

I usually have my Vodafone Connect Card plugged into my laptop at all times and use it occasionally. Today, I double-clicked on its icon and my Avast antivirus popped out instantly advising me that it contains a virus (win32:Agent-ATQ) which I moved to the Chest as recommended. Then, the Vodafone software prompted me for a reinstall and asked to insert the Vodafone installation CD, which I did.

The re-installation did not work at first, but after a few phone calls with Vodafone support (who obviously told me that the virus is not in Vodafone's software), I managed to reinstall the software. However the virus warning appeared again.

The first thing I did then was to run a scan with my Avast antivirus. It found 2 occurrences of

Sign of "Win32:Agent-ATQ [Trj]" has been found in "C:\Program Files\Vodafone\Vodafone Mobile Connect\UpdateX.dll" file.

and also

Sign of "Win32:Agent-ATQ [Trj]" has been found in "E:\Software\VMC\program files\Vodafone\Vodafone Mobile Connect\UpdateX.dll" file.

the latter being on Vodafone's installation CD, which was inserted in my CD drive at that time, and being scanned by Avast.

I then ran the scan at boot time and it found 2 more occurrences of the dll in C:\System volume information\_restore{5432 ...etc}. I put everything in the Chest.

Is Vodafone's CD infected? Anybody else experiencing this?

At this stage, I have removed the card and the CD from my laptop, and I am reluctant to put them back in.


Create new topic
freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#43641 9-Aug-2006 21:42
Send private message

I recommend you perform an on-line scan with other tools. My Avast Server and Avast desktop both complained about a file that has been safely used for the last year, without any changes. I suspect it's a false positive.

I would expect virus to be reported on a new file, and then spread to other files. It's very unusual for a virus to show up on an old file, out of nothing.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup




markwolk

101 posts

Master Geek


  #43642 9-Aug-2006 21:45
Send private message

Alright, I'll run an online scan tomorrow, although it might be too late now, as the suspicious files have been moved to Avast Chest. I'll keep you informed.

chiefie
I iz your trusted friend
5877 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

  #43643 9-Aug-2006 21:46
Send private message

I got that today too, which I think is false positive. After it was moved to the Chest, VMC doesn't work on the next run.

So I moved the file from Chest, back to VMC folder and renamed it back. And all worked again.


Oh yes, I am using Avast! 4 Home.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 




markwolk

101 posts

Master Geek


  #43644 9-Aug-2006 22:00
Send private message

chiefie: Oh yes, I am using Avast! 4 Home.


I am using Avast! 4.7 Home too.

chiefie
I iz your trusted friend
5877 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

  #43645 9-Aug-2006 22:18
Send private message

hehe.. i say you'd be safe... it very highly be false-positive.




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


johnr
19282 posts

Uber Geek
Inactive user


#43662 10-Aug-2006 09:51
Send private message

markwolk what version of VMC software you using thanks

There is no way its a virus

chiefie
I iz your trusted friend
5877 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

#43663 10-Aug-2006 09:55
Send private message

i'm using the latest version from Vodafone NZ site. And i get the Avast alert for the file updateX.dll. Weird huh?




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 


 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#43665 10-Aug-2006 10:05
Send private message

I see in the Avast forums a few people complaining about virus being found on Google toolbar and others, with the same Trojan found on my old software. I think it's a bunch of false positive.

Again, test with other software. Online scans from Trendmicro are good.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


freitasm
BDFL - Memuneh
79253 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #43666 10-Aug-2006 10:08
Send private message




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


markwolk

101 posts

Master Geek


  #43669 10-Aug-2006 10:30
Send private message

johnr: markwolk what version of VMC software you using thanks.(...) There is no way its a virus
I use 7.0.607.374. I was unaware that it is possible to upgrade online. I haven't had the time to do the online scans yet; I will keep you posted.

markwolk

101 posts

Master Geek


  #43699 10-Aug-2006 17:21
Send private message

OK, so I ran Panda online scan, the only online scan to my knowledge that allows scanning a CD inserted in the PC. It scanned Vodafone's CD and did not find any virus in it. I also ran Symantec's and Trendmicro's online scans of my hard drives, and nothing at all was detected. Avast's false positive seems like a good assumption.

Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.