
Do I Have Malware?

Discussion in 'Malware Removal Help' started by N3, Oct 13, 2020.

  1. N3

    N3 Registered Members

    Joined:
    Dec 26, 2013
    Messages:
    318
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    Lenovo
    I did a full scan with Avira Antivirus Pro, 8.0.8. (Updated). It stated I have the following: TR/crypt.ZPACK.Gen2. I placed the above in quarantine. I checked the internet and it stated it could possibly be a false positive? Afterwards I did a scan with Malwarebytes AdwCleaner and nothing showed up. I'm running Windows 7 Professional 64. Suggestions or advice would be appreciated.
     
  2. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,107
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
  3. starbuck

    starbuck Administrator - Malware Removal Specialist Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,595
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi N3,

    This has been going on for years now.
    TR/Crypt.XPACK.Gen is the generic name for heuristic threats detected by Avira and categorized as unknown Trojans.
    So basically anything that it doesn't recognise could be thrown up as this.
    Maybe one of your programs updated and a particular file got updated.
    It would help if we knew what file was thrown up by Avira.
    Have a look in the quarantine folder and see what the file name and path was.
     
  4. starbuck

    N3,

    Can you confirm the version of Avira that you are using? According to their list, V8 is old and out of date.
    These are the current versions.

    [Attachment: avira.PNG]
     
  5. N3

    Oops: It appears that I had three threats 15 hours ago, which are all in quarantine.
    My Avira version is: 1.0.38.12222

    Threat Name        Item Name            File Path
    Detected threat    EOSv3Scheduler on    C:\Windows\System32\tasks\EOS
    TR\Crypt.ZPACK     Tf5hduM6.exe.part    C:\Users\henry\AppData\Local\Te
    Detected threat    EOSv3Scheduler on    C:\Windows\System32\tasks\EOS
     
  6. starbuck

    Hi N3,

    Do you happen to have any Canon (camera) software installed on your system?
     
  7. N3

    No Canon camera software on my system.
     
  8. starbuck

    Hi N3,

    Ok, let's take a better look then.....

    For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.

    • Right-click on the downloaded program icon for FRST and select Run As Administrator
    • When the tool opens click Yes to the disclaimer.
    • Make sure that Addition.txt is selected at the bottom.
    • Press Scan button.

    • It will make a log (FRST.txt) in the same directory the tool is run (Desktop). Please copy and paste it to your reply.
    • FRST also makes another log (Addition.txt). Please copy and paste this to your reply as well.
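
Added example, not part of the original thread or of any tool named in it: two of the detections N3 listed sit under C:\Windows\System32\tasks, where Windows stores scheduled task definitions as XML. The Python sketch below summarizes such a definition and flags actions that launch from user-writable locations; the sample tasks, the `USER_WRITABLE` list and all function names are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Namespace used by Task Scheduler XML definitions.
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumption: a heuristic list of locations a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\",
                 "%temp%", "%appdata%", "%localappdata%")

def summarize_task(xml_data):
    """Return author, trigger types and Exec actions of one task definition."""
    # Real task files are UTF-16; pass their raw bytes so the parser honours that.
    root = ET.fromstring(xml_data)
    trig = root.find("t:Triggers", NS)
    triggers = [el.tag.rsplit("}", 1)[-1] for el in trig] if trig is not None else []
    actions = []
    for ex in root.findall("t:Actions/t:Exec", NS):
        cmd = (ex.findtext("t:Command", "", NS) or "").strip().strip('"')
        args = (ex.findtext("t:Arguments", "", NS) or "").strip()
        actions.append({"command": cmd, "arguments": args,
                        "user_writable": any(d in cmd.lower() for d in USER_WRITABLE)})
    return {"author": root.findtext("t:RegistrationInfo/t:Author", "", NS),
            "triggers": triggers, "actions": actions}

def task_xml(author, trigger, command, arguments=""):
    """Build a constructed task definition for the demonstration below."""
    return (f'<Task version="1.2" xmlns="{NS["t"]}">'
            f"<RegistrationInfo><Author>{author}</Author></RegistrationInfo>"
            f"<Triggers><{trigger}><Enabled>true</Enabled></{trigger}></Triggers>"
            f'<Actions Context="Author"><Exec><Command>{command}</Command>'
            f"<Arguments>{arguments}</Arguments></Exec></Actions></Task>")

# Constructed samples: one task launching from Program Files, one from a Temp folder.
SAMPLES = {
    "VendorUpdater": task_xml("Example Vendor", "LogonTrigger",
                              r"C:\Program Files\Example Vendor\updater.exe", "/silent"),
    "RandomTemp": task_xml("", "TimeTrigger",
                           r'"C:\Users\example\AppData\Local\Temp\x1.exe"'),
}

def needs_review(samples):
    """Names of tasks with at least one action in a user-writable location."""
    return sorted(name for name, xml in samples.items()
                  if any(a["user_writable"] for a in summarize_task(xml)["actions"]))

if __name__ == "__main__":
    for name, xml in SAMPLES.items():
        print(name, summarize_task(xml))
    print("Review:", needs_review(SAMPLES))
```

A flag here only means the task deserves a closer look at the file it launches; it is not a verdict on the task.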
     
