Can you post what exactly is reported by Avira, and what's the location of infected file?
Printable View
Can you post what exactly is reported by Avira, and what's the location of infected file?
I will post it as soon as it pops back up. Don't think it gives a location, but it asks if I want to deny access or allow. Avira is the only scan that finds it. I did read some place that there are several false positives but supposedly Avira has a fix for it.
Thanks Broni.
OK. Keep us posted :)
Ok, it only shows up at bootup or with a avira scan. The location is C:\\Windows\system32\rasalobj.dll. I searched for this and it did not show up. I read on Avira that it may be a false positive (I do not like the "may" part) and it should have been fixed in the last update, but mine is updated daily.
Thanks for any info.
rasalobj.dll doesn't yield any results on Google, so it can't be any legit file.
Let's see...
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
Note: The log can also be found on your Desktop entitled SystemLook.txt
- Double-click SystemLook.exe to run it.
- Vista users:: Right click on SystemLook.exe, click Run As Administrator
- Copy the content of the following box into the main textfield:
Code::filefind
rasalobj.dll
- Click the Look button to start the scan.
- When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Thanks Broni. I will do this when I get home this evening.
The systemlook file will not run. I tried both mirror sites.
The crypt.zpack is also in another spot today C:\\ SystemvolumnInformation\...\A0001729.dll
What happens?Quote:
The systemlook file will not run
This is not a big deal. It's your restore point.Quote:
The crypt.zpack is also in another spot today C:\\ SystemvolumnInformation\...\A0001729.dll
Turn system restore off, restart computer, and turn it back on.
The notepad box opens but it will not scan or anything else. The program will download but will do nothing else.
Try different script:
Code::dir
C:\Windows\system32
Sorry for my delay in posting back. I could never get the system look to work. The only scan that found the trojan was Avira. No other program ever found that same trojan. I have uninstalled Avira and installed another AV program, so far so good, no trojan. Thanks for the help.
You're welcome :)