Windows 7 - AVG found trojan SHeur4.MTZ in BatteryLifeExtender?!

Okay, so while I was watching TV (on the TV), my AVG Resident Shield thing popped up with multiple thread detection. Apparently I have five infections of "Trojan horse SHeur4.MTZ." Googling it did not come up with the specific trojan.

These were all found in the Samsung Support Center and BatteryLife extenders.

The results:

c:\Program Files (x86)\Samsung\BatteryLifeExtender\Drv\SABI2x86\KStartMem.exe
c:\Program Files (x86)\Samsung\Samsung Support Center\Drv\drv2x86\KStartMem.exe

My options are to "Remove selected," "Remove all unhealed," and "Close." If I right click on one, it says "Move to vault" and "Go to file." I clicked "Remove selected" and they were moved to the vault.

What does the virus do? What is KStartMem.exe? Should I take any further action?

Edit: Did a virus scan and the virus came up in some more places. Lovely.

D:\SystemSoftware\BASW-01314A\BLE_Setup.msi\_D1916ABB420E953A1F6ECB8cFDACD69C:\_BA8F88163136405BA3AF746835FC96DF
D:\SystemSoftware\BASW-01314A\BLE_Setup.msi\_D1916ABB420E953A1F6ECB8cFDACD69C
D:\SystemSoftware\BASW-01314A\BLE_Setup.msi
C\Windows\Installer\1191e.msi:\_D1916ABB420E953A1F6ECB8cFDACD69C:\_BA8F88163136405BA3AF746835FC96DF
C\Windows\Installer\1191e.msi:\_D1916ABB420E953A1F6ECB8cFDACD69C
C\Windows\Installer\1191e.msi:

I'm trying to remove these objects, but I'm getting the message:
Moved object is bigger than the archive size limit
Object mentioned below is bigger than maximum size permitted
D:\SystemSoftware\BASW-01314A\BLE_Setup.msi
C\Windows\Installer\1191e.msi:

So . . . what do I do?

I AM HAVING THE SAME PROBLEM!!!! I was watching TV and all of a sudden my AVG popped up with the same Trojan! I can't find any information on the Internet on how to remove it, because when I try to remove it with my AVG, it says that removing it may cause my system to become unstable. I also can't remove it to the Virus Vault, due to the same issue of the files being bigger than my archive size.

well i found this article that explains what it does
http://www.eset.eu/encyclopaedia/msi...kit-gen?lng=en
about it not removeing im not sure i say wait for someone with more knowledge about this then me ,sorry i cant really help but don't worry i'm certain somebody here can help you
EDIT:anyways best advice i could give is download malwarebytes and scan your system and try to remove it with that http://www.malwarebytes.org/

also try to scan it with SAS,i took off a couple nasties with this when malwarebytes failed me before http://www.superantispyware.com/

Hi there,

I also have the virus in 5 locations and 2 of them I have in the virus vault. The other three say that it they are too large to move. I am also trying to find out how to get rid of these. Can someone help?

These are the 3 files that I can not move

C:\Windows\Installer\777c4.msi
\_BA8F8816136405BA3AF7468
\_1A1C8CC4CAF00E54302118F

These are the 2 files I have in the virus vault

C:\Program Files (x86) Samsung\Samsung Support Centre\Drv\drv2x86\KStartMem.exe

C:\Program Files (x86) Samsung\BatteryLifeExtender\Drv\SAB12x86KStartMem.exe


Any help would be greatly appricated.

Thanks

im having the same issue. hopefully figure out how to resolve this....please post if you figure it out first!

it seems like a false postive switch the Microsoft sercurity Essentials instead. it's free and better than AVG.

Welcome to Seven Forums solaris326, powereyeguy and kancerr. Submit the files to Virus Total, and see what 43 AV have to say about them. A Guy

Not a very helpful post to people seeking advice /support with a problem.

virus total came up with no results ;/

i think it is a false positive. everybody who has it has a samsung... only avg is picking it up.