Author Topic: Avast! Undetected Viruses  (Read 3198 times)

0 Members and 1 Guest are viewing this topic.


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37529
  • Not a avast user
Re: Avast! Undetected Viruses
« Reply #1 on: September 26, 2010, 03:48:04 AM »
why not post this in the topic already made for this  http://forum.avast.com/index.php?topic=64122.0

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33899
  • malware fighter
Re: Avast! Undetected Viruses
« Reply #2 on: September 26, 2010, 04:30:36 PM »
Yes, follow Pondus's suggestion. By the way here is info on one of the malcreations mentioned:
Backdoor.Generic.459002: http://vil.nai.com/vil/content/v_132798.htm

And here avast added detection in a more recent report: http://www.virustotal.com/file-scan/report.html?id=1f5b7c646092641618b79557a47dcc8eba3f96d8f82673568d9d124f5c3fd90a-1285496755

Here a removal procedure for one of the keyloggers:
Kill processes:
889807c35d0a25da35739a87b5c80cf5.exe, keylogeditor.exe, mshe1p.exe, rds.exe, trojanspy.win32.delf.af.exe, trojanspy.win32.delf.af[2].exe, trojanspy.win32.delf.ar.exe, trojanspy.win32.delf.bw.exe, trojanspy.win32.delf.i.exe, trojanspy.win32.delf.m.exe, trojanspy.win32.delf.o.exe, trojanspy.win32.delf.t.exe

Unregister DLLs:
trojanspy.win32.delf.ar[2].dll, trojanspy.win32.delf.cb.dll, trojanspy.win32.delf.n.

Delete files:
889807c35d0a25da35739a87b5c80cf5.exe, keylogeditor.exe, mshe1p.exe, rds.exe, trojanspy.win32.delf.af.exe, trojanspy.win32.delf.af[2].exe, trojanspy.win32.delf.ar.exe, trojanspy.win32.delf.bw.exe, trojanspy.win32.delf.i.exe, trojanspy.win32.delf.m.exe, trojanspy.win32.delf.o.exe, trojanspy.win32.delf.t.exe, trojanspy.win32.delf.ar[2].dll, trojanspy.win32.delf.cb.dll, trojanspy.win32.delf.n.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!