INTERESTING TROJAN!!!BE AWARE!!!

[BJ_GeOrgE]

i got infected with a trojan named poison.Ivy and avast couldnt detect it..i tried bitdefender online scan and housecall and they didnt detect it either..only nod32 could detect it which i downloaded as a trial..even anti-trojans as AVG AS,spybot,S antispyware etc couldnt detect it..i removed the trojan with nod32 and some info i found in the following site..

check this website to see what this trojan does and which AV can detect it..
http://kb.mozillazine.org/Firefox.exe_always_open


it would be rly nice if i sent this virus to virus@avast.com coz it would one of the very limited AV that can detect it..but i lost the file..

[DavidR]

I think what is more relevant is the likely means of delivery, from your link.

While SpySweeper suggests that the Poison Ivy trojan is normally spread via email attachment, one of the first reports of PoisonIvy.20.A detection was an infected Runescape (online multiplayer game) hack posted on a gaming message board, and shortly afterwards a similarly posted Diablo II hack was also found infected with the same. It seems that many of the Firefox users affected by the symptoms admit to playing other online multiplayer games - giving some credence to the idea that infected game hacks(cheats) is a more frequent source of infection. Of course, any executable file whose origin/authenticity is uncertain could be a culprit.

The email delivery should be avoidable exercising safe hex and not opening attachments or clicking links in unsolicited emails. The other means of delivery downloading game hacks/cheats, there,  cracks and key-gens are a huge vector for malware infection. So avoiding those hacks, cracks and key-gens should offer limited protection.

[BJ_GeOrgE]

I think what is more relevant is the likely means of delivery, from your link.

While SpySweeper suggests that the Poison Ivy trojan is normally spread via email attachment, one of the first reports of PoisonIvy.20.A detection was an infected Runescape (online multiplayer game) hack posted on a gaming message board, and shortly afterwards a similarly posted Diablo II hack was also found infected with the same. It seems that many of the Firefox users affected by the symptoms admit to playing other online multiplayer games - giving some credence to the idea that infected game hacks(cheats) is a more frequent source of infection. Of course, any executable file whose origin/authenticity is uncertain could be a culprit.

The email delivery should be avoidable exercising safe hex and not opening attachments or clicking links in unsolicited emails. The other means of delivery downloading game hacks/cheats, there,  cracks and key-gens are a huge vector for malware infection. So avoiding those hacks, cracks and key-gens should offer limited protection.

yeah i open neither email attachements nor visiting unsolicited links..i downloaded a keygen and i got infected..i was needed it for a game..but the point is the detection of this malware..its rly impressive that noone AV can detect it except nod32 and spysweeper..

[DavidR]

Yes, a shame you lost the file before sending a sample to avast.

[BJ_GeOrgE]

Yes, a shame you lost the file before sending a sample to avast.

yep..i deleted it coz i avast found nothing and it didnt seem like a virus..after a computer restart..i noticed it.. anyway..if by accident find it again..i will send it to avast..

[Lisandro]

anyway..if by accident find it again..i will send it to avast.

Thanks, this helps to keep avast detection improving...