Author Topic: Virus!  (Read 2578 times)

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Virus!
« on: December 20, 2012, 09:43:12 PM »
I just scanned my phone and it found a virus! It was PornoXXX.apk now why did the web shield not pick it up and what kind of virus was it?
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Tech

  • avast! team
  • Certainly Bot
  • *
  • Posts: 64867
  • Gender: Male
    • Personal Message (Offline)
Re: Virus!
« Reply #1 on: December 20, 2012, 10:33:56 PM »
Can you copy this file to the computer and send it to www.virustotal.com for analysis?
Which was the name of the virus reported by the scanner?
The best things in life are free.

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #2 on: December 20, 2012, 11:50:34 PM »
I got rid so I can't anymore sorry.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline cooby

  • Sr. Member
  • ****
  • Posts: 373
    • Personal Message (Offline)
Re: Virus!
« Reply #3 on: December 20, 2012, 11:53:51 PM »
Can you copy this file to the computer and send it to www.virustotal.com for analysis?
Which was the name of the virus reported by the scanner?
Tech, you can also use the VT application, I did once, it worked nicely
https://play.google.com/store/apps/details?id=com.virustotal&hl=en
1. Toshiba Satellite A75, Windows XP-Pro-SP3, Avast! free 2014.9.0.2016, Sunbelt Firewall 4.7.4.0, SSM, Opera 12.16, SeaMonkey+NoScript, mvps hosts, (MalwareBytes updated and run on demand only, rarely used)
2. Toshiba Thrive tablet (rooted), AdAway (hosts), Opera, Avast Mobile Security 2.0.4304

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #4 on: December 21, 2012, 12:03:00 AM »
I have the android app. Google bought virus total anyhow.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #5 on: December 21, 2012, 12:52:39 AM »
Android:FakeInst-CE [Trj]
 file:///mnt/sdcard/download/
PornoXXX.apk
 20.12.2012 23:19 Virus Scanner
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Online Filip Havlicek

  • Moderator
  • Super Poster
  • *
  • Posts: 2316
  • Gender: Male
    • Personal Message (Online)
Re: Virus!
« Reply #6 on: December 21, 2012, 05:33:00 AM »
Hi,

as it says in the Web Shield description, it protects you from malicious/phishing websites, it does not scan files you download.

Filip

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #7 on: December 21, 2012, 10:11:57 AM »
So in a nutshell if I did not do a full scan of my phone it would of never been discovered for maximum another week. (Remember that as default AMS is set to only do a full scan once a week.) Not very proactive is it. Anyhow semi rant over is there plans for the web shield in AMS to scan files? I believe AIS does that with it's web shield. 

As a footnote I am not sure that the  automatic scan is enabled as default as I can't remember but seen there is a box to tick I would think not.
« Last Edit: December 21, 2012, 10:25:17 AM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Online Filip Havlicek

  • Moderator
  • Super Poster
  • *
  • Posts: 2316
  • Gender: Male
    • Personal Message (Online)
Re: Virus!
« Reply #8 on: December 21, 2012, 12:10:48 PM »
Hi,

remember that Windows is a completely different OS than Android. While almost everything is possible on Windows if you put enough effort in it, Android is very, VERY limited. I don't know about plans since I don't do those, but I can tell you I know how to do it, I'm willing to do it and just need time to do it. If someone else decides to put it into the plans, I will be happy to implement it.

Filip

As a footnot, I don't think automatic scan is enabled by default.

Offline Jan Svehlak

  • avast! team
  • Poster
  • *
  • Posts: 521
    • Personal Message (Offline)
Re: Virus!
« Reply #9 on: December 21, 2012, 12:31:52 PM »
I think there is always shield on - so in case you will try to run the application, virus scanner will react immediately.

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #10 on: December 21, 2012, 12:32:15 PM »
Filip I'll do it! Ahhh if only! Who do I speak to for them to give you the time to do it?
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #11 on: December 21, 2012, 12:33:38 PM »
That's great but what if you don't run it............? It will stay there indefinitely which it all a trojan needs.
« Last Edit: December 21, 2012, 12:39:36 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Online Filip Havlicek

  • Moderator
  • Super Poster
  • *
  • Posts: 2316
  • Gender: Male
    • Personal Message (Online)
Re: Virus!
« Reply #12 on: December 21, 2012, 01:37:14 PM »
The thing is that malware on Android needs to be installed first in order to do it's bad job. If it's only downloaded on SD card, it won't do anything at all unless installed.

I think I shouldn't give you any names, might be a bad time for me after you wrote them ;)

Filip

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #13 on: December 21, 2012, 03:17:00 PM »
Lol I won't be mean honest! :-) Well can I at least then have someone to pitch some suggestions to? Do you have a AMS wishlist? If not you should have as it's a way of getting people like me in touch or at least looked on by the developers. Maybe not in touch with on a one to one level but it might show as a whole what the users want. Which could be used to steer the development team.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 524
  • Gender: Male
  • I'm a llama!
    • Personal Message (Offline)
Re: Virus!
« Reply #14 on: December 21, 2012, 03:23:57 PM »
The thing is that malware on Android needs to be installed first in order to do it's bad job. If it's only downloaded on SD card, it won't do anything at all unless installed.

It was installed tho on the SD card it I believe went on as a download (not prompted by me I might add! I saw it, saw the filename thought oh no pressed cancel and thought that was that.) Or do you mean downloaded as an non SD card app?

I think I shouldn't give you any names, might be a bad time for me after you wrote them ;)

I totally understand Filip as I in NO WAY would want to get you into any sort of trouble.
Filip
« Last Edit: December 21, 2012, 03:26:37 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now