AVG found Trojan. Help please

  bof:) 14:36 31 Oct 06
Locked

Hi all, whilst scanning with Widows Defender, AVG popped up sayin virus detected. It was

Trojan Horse Downloader.Agent.GPZ

Pathway: c:\windows\system32\activescan\sporder.dll

I scanned with Ewido, A-Squared and Windows Defender, (all updateed) nothing was found.

Housecall and Nortons online scanners would not work.

A 2nd scan with AVG found Agent.GPZ in two locations now, the one listed above and
c:\system volume Information\_restore

I've put the virus in AVG virus vault but it wii not heal.

Anyone know of a fix for this?

Thankyou

Mike

  VoG II 14:45 31 Oct 06

Turn system restore off then on again to remove the one in the restore point.

  VoG II 14:46 31 Oct 06

Also see click here

  bof:) 16:05 31 Oct 06

Hi VoG™, thanks for the links, I've reset System Restore and run BitDefender which was clear.

If the virus is in the

'\system32\activescan\sporder.dll'

is this the same as being in just sysytem32 folder???

Mike

  VoG II 16:37 31 Oct 06

No it isn't but I'm wondering if this is a false positive detection.

  bof:) 16:56 31 Oct 06

ok, I've just scanned with Housecall and it found only 'Adware_CSSWEB' which it says causes popup's but I have not been getting any.

I'll go and have a look on the AVG forums page to see if there is any mention of sporder.dll being detected as a false positive.

thanks for your help again,

Mike

  Scouter 18:15 31 Oct 06

that it was not just AVG that flagged it as a virus trojan. See this link to get details of dll

click here

Hope this helps

  bof:) 18:26 31 Oct 06

found this on the AVG free forums:

click here

I've checked the pathway given by this link and sporder.dll is in the AVG free pathway. But it was not detected by AVG as a problem.

If the one found by my AVG scan was in the system32\active scan, is this the active scan performed by ie. Windows Defender or AVG etc?

Mike

  bof:) 18:36 31 Oct 06

Hi Scouter, because the sporder.dll was in system32\Active scan pathway is this different to where it says it should be on the link you gave?

How well do you know the website you gave because there's a free virus scan check on there but I'm wary of using scans from sites I'm not sure of?

Thanks for your help,

Mike

  davidpr 18:38 31 Oct 06

Download Prevx 1 and erforma scan. The download and the scan is free.

  Scouter 18:49 31 Oct 06

I've checked my two systems both have sporder, one spelt SpOrder.dll in windows/system32 the other in c:/programme files/grisoft/avg. I use the pro version of AVG (7.5) and it has not identified any of these as a threat or trojan. I do n ot have a path system32/active scan.

I do not know the site, never used it only supplied link as it gave a description of sporder.dll. Looking at the link you gave it points to messages from 2005 - so it shows that AVG among others has identified the fil at times as a trojan. As VoG suggests this may be a case of a false positive by AVG.

This thread is now locked and can not be replied to.

Sniper Elite 4 review: Headshotting Nazis has never felt so good

1995-2015: How technology has changed the world in 20 years

The Fresh New Fonts of 2017

WWDC 2017 dates: How to get WWDC 2017 tickets, when is WWDC 2017 and more details announced