Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: electronikus on April 27, 2004, 03:07:01 PM
-
I recently downloaded a keygen from the internet. ::) I scanned it with Avast! which didn't warn me about a virus/trojan.
I executed the file. After a few seconds my firewall (sygate personal) informed me that the file "mspatchsec.exe" in "windows/system32" tries to connect to some strange IP.
I declined access and deleted the file which actually did the job!
But why didn't Avast! see it?
I can send you the file for further testing, do you want that?
(I would have to download it again from the Overnet-Network but I have it in front of my eyes right now, it's still around there, now with a txt-warning from other users).
-
EDIT: please send the file to
virus (at) asw (dot) cz
and exercise more caution in future on what you click; keygen's/filesharing-progs/warez are notoriously for trojans
and NO VirusScanner catches everything
;)
-
Thanks for your good advice. Actually I'm very carefully and updated with my system. It just slipped through this time.
I'm re-downloading the file and will send it to the address you provided soon. Hope you can trace this little bastard then.
Btw: After I got infected I rushed to google and searched for the trojan. I only found a very few postings on the net. Either the trojan is new or not very much spread, anyway, all I read was that other systems got infected and if I rememver correctly they did not run avast but antivir and norton I think.
Check your mail in a few minutes. You'll receive a trojan. ;D
-
Uh!? The mail got back: Mailer Demon
(reason: 550 5.1.1 <aXaXt@aXw.cX>... User unknown)
-
Wrong adresse. Use virus instead of avast ! :)
What does http://www.kaspersky.com/remoteviruschk.html say about this file?
-
Allright, the mail is on it's way right now.
Good luck and maybe some fun. ;)
...I will check the kaspersky check now!
-
Whoopie!
Infected: TrojanDropper.Win32.Reur
If I interpret the following page correctly the trojan I sent you is known @Kaspersky since 23rd of April 2004? Brandnew?
http://download2.avp-de.com/avpfiles/databases/up040423.txt
-
Do we have a new friend? ;)
-
That trojan is discovered on 5 march 2004. The date you mentioned is the date Kaspersky updated that entire list and does not say anything about the date of recovery of the virusses listed there.
-
I recently downloaded a keygen from the internet. ::)
Actually I'm very carefully ... with my system.
This IS a bit of a contradiction ;D ;D ;)
-
Ok, so the virus is quite new.
Yeah, of course you're right. Downloading warez and living secure is a contradiction. It comes close to living secure and going online with Windows. ;D
Anyway, I hope you'll add it to your virus-list...
...so I can maybe use that keygen.
...just kidding. ;D