AVIRA's TR/Dldr.Agen.126976

Osaban, have you tried the steps in the reply from AumHa?

 

Hi!

Thanks for letting me know . I noticed your post as well as some mal stuff showing in the HJT log . Follow their directions

Edit : they have alredy replied

 

Well Chapeau to AumHa, I will certainly follow their directions and post the results(I've just seen their answer). In the mean time I have uploaded some of the samples quarantined by Avira to Virus total, and they are not false positives. Kudos to Avira (although detection is one thing,it should also clean), but this experience is only proving to me that AVs companies are too unreliable, and if my computer has been clean for years, it was only due to my virtual program.

Does Wilders allow posting of Virus Total screenshots? If it does I have the screenshots ready.

 

Our policy concerning that matter is in the below thread.

This thread---> Policy Regarding the Posting of Jotti/Virus Total Results

As for your thread at the Aumha.org forum....you are in good hands with the individual that is assisting you in the first reply. Of course formatting is an option if nothing important is on the drive. Windows runs so smooth right after a fresh clean install.

Good luck,
Bubba

 

It is very strange when you are dealing with somebody who is trying to solve a problem analysing logs rather than name-calling. The expert who is helping me has already eliminated most of the malware on the Avira screenshot (post 12 of this thread). It is a time consuming experience, albeit very informative, and it is very nice to know there are people with a great deal of knowledge who are prepared to help in situations that are to say the least byzantine in their complexity as every system is different.

I also think that it doesn't help anybody to know who detected what at Virus Total. Any AV is better than no AV, but their disclaimer that nothing can be garanteed 100% is an alibi that won't hold for long if they want to exist in the near future.

I submitted 5 malware samples At Virus Total, and the detection rate was: 6 out 33 for the first, 4/33, 12/33, 4/33, 8/33. Pretty dismal performance if you ask me.

My son will continue to have an AV (he is 11 years old). I don't feel sorry not to use them anymore.

 

Well it's over, it took some time, but in the end my son's computer seems to be clean. Needless to say that it is beyond even very knowledgeable users the level of expertise shown by the person who helped me:

http://aumha.net/viewtopic.php?t=29754

(this is the thread at aumha forum for whoever wants to read logs!). What also really struck me are the tools that were used to analyse and clean the computer, names that i have never heard in this forum, obviously not meant for general users.

I doubt, I will ever get these kind of infections, here at Wilders we are practising what in medical terms is called prophylaxis, that's why we never get infected. It is good to know they are there for emergencies.

 

Nice to see you're clean now. They seem to be professional there at aumha forums. What AV are you going to use in the future ?

 

I myself don't use any AV (almost 2 months now). My son's computer still has Avira which has detected all the malware that I know of (Let me emphasize 'detected') I'm pretty sure it was already there when I installed Avira, but it just couldn't clean it, and to be fair most of the other companies didn't detect anything (no names, we are all friends).

I think it would be interesting to know how many AVs detect AND clean what they find.
The bottom line is if you rely on an AV only, sooner or later you will get infected. A sandbox application is an absolute must.

 

I don't think a sandbox application is a necessity. I don't get infected and I go long periods with only an on demand AV and only Spyware Blaster for spyware. I do use ProcessGuard full version and the Proxomitron. With those, and practicing safe computing, and avoiding IE, I have no problems. I have only had ONE virus in over 8 years of computing and that was a stealth boot virus on a brand new store bought floppy which I didn't scan because I didn't know a new blank floppy from a store could have a virus. The "necessity" is the user practicing safe computing not a sandbox. Proxo and PG help a user tremendously to practice safe computing. They are far more important than a sandbox I think.

 

Not really, but with a sandbox, on-demand AV + Spyware Blaster + ProcessGuard + Proxomitron are nothing but dead weight.

 

Unless of course one goes to a hijacked website, then a sandbox would have saved the day...