AVAST doesn't catch Loadnew.exe

[dsheldon3]

Its a nasty one too and causes big problems.I have to go into safe mode to get rid of it.It sure would be nice if AVAST could figure a way to block this or something.

[Lisandro]

Can you send a sample of it to virus (at) avast.com with a link to this thread?
Thanks.

[dsheldon3]

How can I send a sample of it? Besides that I cannot do anything with my computer till its deleted.

[Rick F]

Submitting sample file....

If you have any suspicious files that are not detected by the latest version of our antivirus programs, you can send them to virus@avast.com. The ideal way to send such files is to compress them as a ZIP with the password 'virus' (so that the attachment is not deleted by some other antivirus software on the way).

Also, make sure you're using 'web shield' in addition to 'standard shield' for this one.

This is part of "JAVA_BYTEVER.C"  This JAVA malware is found in malicious Web sites as part of a Web page applet. It comes in the form of a compiled Java class, and may be called from an HTML page.
It exploits the ByteVerifier vulnerability in unpatched versions of Microsoft (MS) Java Virtual Machine, which could allow a file to be downloaded and executed without a user’s knowledge.

It connects to the following Web site where it downloads a file and saves it as LOADNEW.EXE:

http://ifra<BLOCKED>lars.biz/dl/loadadv479.exe
It then executes the file, which is detected by Trend Micro as TROJ_SMALL.OI.

[dsheldon3]

Thanks, I already have Web shield on high.I wonder what security patch I'm missing.I have Windows ME. Would you happen to know what patch it is?

[dsheldon3]

Is this it ? http://www.microsoft.com/technet/security/bulletin/MS03-011.mspx

[FreewheelinFrank]

The Microsoft Java Machine is obsolete, and won't be supported after the end of next year. You'd be far better off using the MSVM removal tool and installing Sun Java.

http://www.geocities.com/dontsurfinthenude/java.htm

EDIT: Corrected end date for support.