Author Topic: avast detects prefetched trojan...  (Read 17558 times)

0 Members and 1 Guest are viewing this topic.

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: avast detects prefetched trojan...
« Reply #15 on: May 30, 2006, 07:57:18 PM »
It is possible, or it is also possible that this is a False Positive detected by avast! there is really no way to tell. But regardless I would not risk this.
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Offline Jorasik

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 423
    • My website (in bulgarian)
Re: avast detects prefetched trojan...
« Reply #16 on: May 30, 2006, 08:04:21 PM »
Well when i opened the page there was an error the selected page was not found 303 304(not the whole page but some part of it)
I have KIS so there is a firewall included and no any alert for outbound connection.
Winpatrol doesn't detect any changes (as I too no new processes and startup items.)
I guess there's nothing to worry about  ::)

BTW I think it's not false positive because siteadviros was red
« Last Edit: May 30, 2006, 08:05:54 PM by Neron »

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: avast detects prefetched trojan...
« Reply #17 on: May 30, 2006, 08:07:33 PM »
Ya I noticed that SiteAdvisor gave it a red flag too. Maybe Kespersky blocked it. I'm not sure, but it sounds like the trojan didn't get to you.
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: avast detects prefetched trojan...
« Reply #18 on: May 30, 2006, 08:13:45 PM »
After testing the link I have found that this site gives free websites supposedly. http://ds4a,com is connected to http://freewebsites,com and both contain the same malware found by avast! I no longer want to put my system at a risk so I have blocked both sites on my system using the avast! Web Shield module.
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83537
  • No support PMs thanks
Re: avast detects prefetched trojan...
« Reply #19 on: May 30, 2006, 08:17:21 PM »
Quote from: Neron
I entered the site to see if kaspersky detects anything and nothing happened...no virus warning...
Well there is no way I would have tried it without the web shield as a back-up and been using firefox and also running it via DropMyRights. So if the worst came about any potential damage would be limited, not to mention regular hard disk images as a final fall back option.

I also checked ds4a.com using site advisor http://www.siteadvisor.com/sites/ds4a.com which has links to sites with suspect spyware/adware.

Whilst this detection of Win32:Small-SK [Trj] hasn't been positively confirmed, you might want to schedule a boot-time scan and or run Ewido Security Suite If using winXP. or a-Squared free if using win98/ME, preferably in safe mode.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.6.2420 (build 20.6.5495.561) UI-1.0.541/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Jorasik

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 423
    • My website (in bulgarian)
Re: avast detects prefetched trojan...
« Reply #20 on: May 30, 2006, 08:26:43 PM »
Dr.Web antivirus link checker returned clean message for both sites(ds4... and freeweb...) Scan with Bitdefender 8 free(updated) returend 0 found.
Did you reciever the same message 303 304 not found??

P.S OK now I'm pretty sure I'm no infected
This is e-mail from kaspersky labs(they are very fast 2-3 hours untill return repport for infected object :)  )
Quote
Hello.

No malicious software was found on sites, only 404 error pages.

--
Regards, Sergey Golovanov
Virus Analyst, Kaspersky Lab.

Ph.: +7(095) 797-8700
E-mail: newvirus@kaspersky.com
« Last Edit: May 30, 2006, 08:37:10 PM by Neron »

Offline OrangeCrate

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 798
Re: avast detects prefetched trojan...
« Reply #21 on: May 30, 2006, 09:04:40 PM »
The boot time scan came back clean, and as mentioned, I've disabled prefetching in Fasterfox.

Thanks for the help guys. I learned a lot.  :)

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: avast detects prefetched trojan...
« Reply #22 on: May 30, 2006, 09:11:07 PM »
OrangeCrate,

Thats great! please come back to learn more and maybe help someone!
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2119
Re: avast detects prefetched trojan...
« Reply #23 on: May 30, 2006, 09:30:26 PM »
It really can be a false positive. I'll send it to ALWIL.




Offline Omar

  • Sr. Member
  • ****
  • Posts: 254
Re: avast detects prefetched trojan...
« Reply #24 on: May 31, 2006, 12:46:42 PM »
I sent it to antivir they said:


We found a new virus in the attachment you have sent us.
The signature will be integrated in one of our next updates.
The signature of the virus will be detected as PHISH.CitiBkfrau.AQ

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2119
Re: avast detects prefetched trojan...
« Reply #25 on: May 31, 2006, 01:41:48 PM »
Oh, seems to be a new phishing tool or something... When I can say GOOD JOB ALWIL!  ;D Detected it in first place!

Offline Jorasik

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 423
    • My website (in bulgarian)
Re: avast detects prefetched trojan...
« Reply #26 on: May 31, 2006, 01:47:55 PM »
I sent it to antivir they said:


We found a new virus in the attachment you have sent us.
The signature will be integrated in one of our next updates.
The signature of the virus will be detected as PHISH.CitiBkfrau.AQ

Omar,can you please send me this file at jorasik@abv.bgThank you

Offline Omar

  • Sr. Member
  • ****
  • Posts: 254
Re: avast detects prefetched trojan...
« Reply #27 on: May 31, 2006, 02:51:15 PM »
I sent it to antivir they said:


We found a new virus in the attachment you have sent us.
The signature will be integrated in one of our next updates.
The signature of the virus will be detected as PHISH.CitiBkfrau.AQ

Omar,can you please send me this file at jorasik@abv.bgThank you

I am happy to send it to you!

would you like it in a password protected zip file?

Offline Jorasik

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 423
    • My website (in bulgarian)
Re: avast detects prefetched trojan...
« Reply #28 on: May 31, 2006, 06:50:24 PM »
Thank you Omar,file recieved.It's just a .txt file isn't it?

Offline Omar

  • Sr. Member
  • ****
  • Posts: 254
Re: avast detects prefetched trojan...
« Reply #29 on: May 31, 2006, 06:54:04 PM »
Neron, yes you are correct it is just a txt file!

I sent it to kaspersky, they said it does not contain a virus or trojan!

But antivir said it did. I`m bit confused!