Author Topic: Virus!  (Read 3128 times)

0 Members and 1 Guest are viewing this topic.

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Virus!
« on: December 20, 2012, 11:43:12 PM »
I just scanned my phone and it found a virus! It was PornoXXX.apk now why did the web shield not pick it up and what kind of virus was it?
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 65687
Re: Virus!
« Reply #1 on: December 21, 2012, 12:33:56 AM »
Can you copy this file to the computer and send it to www.virustotal.com for analysis?
Which was the name of the virus reported by the scanner?
The best things in life are free.

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #2 on: December 21, 2012, 01:50:34 AM »
I got rid so I can't anymore sorry.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline cooby

  • Poster
  • *
  • Posts: 437
Re: Virus!
« Reply #3 on: December 21, 2012, 01:53:51 AM »
Can you copy this file to the computer and send it to www.virustotal.com for analysis?
Which was the name of the virus reported by the scanner?
Tech, you can also use the VT application, I did once, it worked nicely
https://play.google.com/store/apps/details?id=com.virustotal&hl=en
1. Toshiba Satellite A75, Windows XP-Pro-SP3, Avast! free v9, Sunbelt Firewall 4.7.4.0, SSM, Opera 12.17, SeaMonkey+NoScript, mvps hosts, (MalwareBytes updated and run on demand only, rarely used), Acronis v11, SUMo
2. Toshiba Thrive tablet (rooted) ICS, AdAway (hosts), Opera, Avast Mobile Security 3.0.7801, Titanium Backup, App Backup&Restore

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #4 on: December 21, 2012, 02:03:00 AM »
I have the android app. Google bought virus total anyhow.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #5 on: December 21, 2012, 02:52:39 AM »
Android:FakeInst-CE [Trj]
 file:///mnt/sdcard/download/
PornoXXX.apk
 20.12.2012 23:19 Virus Scanner
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Filip Havlicek

  • Avast team
  • Massive Poster
  • *
  • Posts: 2447
Re: Virus!
« Reply #6 on: December 21, 2012, 07:33:00 AM »
Hi,

as it says in the Web Shield description, it protects you from malicious/phishing websites, it does not scan files you download.

Filip

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #7 on: December 21, 2012, 12:11:57 PM »
So in a nutshell if I did not do a full scan of my phone it would of never been discovered for maximum another week. (Remember that as default AMS is set to only do a full scan once a week.) Not very proactive is it. Anyhow semi rant over is there plans for the web shield in AMS to scan files? I believe AIS does that with it's web shield. 

As a footnote I am not sure that the  automatic scan is enabled as default as I can't remember but seen there is a box to tick I would think not.
« Last Edit: December 21, 2012, 12:25:17 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Filip Havlicek

  • Avast team
  • Massive Poster
  • *
  • Posts: 2447
Re: Virus!
« Reply #8 on: December 21, 2012, 02:10:48 PM »
Hi,

remember that Windows is a completely different OS than Android. While almost everything is possible on Windows if you put enough effort in it, Android is very, VERY limited. I don't know about plans since I don't do those, but I can tell you I know how to do it, I'm willing to do it and just need time to do it. If someone else decides to put it into the plans, I will be happy to implement it.

Filip

As a footnot, I don't think automatic scan is enabled by default.

Offline Jan Svehlak

  • Avast team
  • Poster
  • *
  • Posts: 522
Re: Virus!
« Reply #9 on: December 21, 2012, 02:31:52 PM »
I think there is always shield on - so in case you will try to run the application, virus scanner will react immediately.

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #10 on: December 21, 2012, 02:32:15 PM »
Filip I'll do it! Ahhh if only! Who do I speak to for them to give you the time to do it?
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #11 on: December 21, 2012, 02:33:38 PM »
That's great but what if you don't run it............? It will stay there indefinitely which it all a trojan needs.
« Last Edit: December 21, 2012, 02:39:36 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline Filip Havlicek

  • Avast team
  • Massive Poster
  • *
  • Posts: 2447
Re: Virus!
« Reply #12 on: December 21, 2012, 03:37:14 PM »
The thing is that malware on Android needs to be installed first in order to do it's bad job. If it's only downloaded on SD card, it won't do anything at all unless installed.

I think I shouldn't give you any names, might be a bad time for me after you wrote them ;)

Filip

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #13 on: December 21, 2012, 05:17:00 PM »
Lol I won't be mean honest! :-) Well can I at least then have someone to pitch some suggestions to? Do you have a AMS wishlist? If not you should have as it's a way of getting people like me in touch or at least looked on by the developers. Maybe not in touch with on a one to one level but it might show as a whole what the users want. Which could be used to steer the development team.
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

Offline patrice58

  • Poster
  • *
  • Posts: 544
  • I'm a llama!
Re: Virus!
« Reply #14 on: December 21, 2012, 05:23:57 PM »
The thing is that malware on Android needs to be installed first in order to do it's bad job. If it's only downloaded on SD card, it won't do anything at all unless installed.

It was installed tho on the SD card it I believe went on as a download (not prompted by me I might add! I saw it, saw the filename thought oh no pressed cancel and thought that was that.) Or do you mean downloaded as an non SD card app?

I think I shouldn't give you any names, might be a bad time for me after you wrote them ;)

I totally understand Filip as I in NO WAY would want to get you into any sort of trouble.
Filip
« Last Edit: December 21, 2012, 05:26:37 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,