Author Topic: A virus and avast does not detect.  (Read 6675 times)

0 Members and 1 Guest are viewing this topic.

Offline LOR PAL

  • Jr. Member
  • **
  • Posts: 29
A virus and avast does not detect.
« on: October 01, 2011, 06:34:54 AM »
Hello community. I'm using avast! Free for over a year, a few days ago I downloaded a patch, turned out to be a virus and unfortunately avast! if it even detects it as if it had not existed. Luckily I had on hand the Malwarebytes' Anti-Malware and SUPERAntiSpyware Free next to root him out. Luckily it was harmless Tongue in my Windows XP.

 Anyway I got to Virus Total and these are the results:

http://www.virustotal.com/file-scan/report.html?id=91708162c8496e47f0afe8e4b9ec57365dd7037265c8d7c3faf79e9c271406f6-1297368829

 If something is here used as the result of MBAM:
Quote

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version Database: 7809

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/27/2011 2:05:50 PM
mbam-log-2011-09-27 (14-05-50). txt

Types of Analysis: Full Scan (C: \ |)
Objects scanned: 182668
Time elapsed: 57 minute (s), 27 second (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values ​​Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Active Setup \ Installed Components \ {52D0E803-VXW1-U607-Q1Y3-780I33BN6LE4} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT \ CLSID \ {52D0E803-VXW1-U607-Q1Y3-780I33BN6LE4} (Backdoor.Agent) -> Quarantined and deleted successfully.

Registry Values ​​Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \ HKLM (Backdoor.Agent) -> Value: HKEY_LOCAL_MACHINE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Run \ Policies (Backdoor.Agent) -> Value: Policies -> Quarantined and deleted successfully.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \ HKCU (Backdoor.Agent) -> Value: HKEY_CURRENT_USER -> Quarantined and deleted successfully.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Run \ Policies (Backdoor.Agent) -> Value: Policies -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c: \ install \ server.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c: \ recycler \ s-1-5-21-1957994488-1390067357-1547161642-500 \ Dc99.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c: \ system volume information \ _restore {-2f1f-4b0d 6bd73f65-8f31-64504602cf64} \ RP56 \ A0010301.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.


 I think that was a magnificent point is that antivirus finger cot.

I am proud not piracy but there is some non essential programs.

  Unfortunately the virus can not send hotmail and yahoo virus@avast.com but what I detected as viruses and gmail says that does not allow to be executable.

Thank you and greetings from Argentina:)

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31333
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: A virus and avast does not detect.
« Reply #1 on: October 01, 2011, 07:02:12 AM »
You sure can send it to virus@avast.com
Put it in a password protected zip and than send it.
Don't forget to mention the password in the mail ofcourse.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36932
Re: A virus and avast does not detect.
« Reply #2 on: October 01, 2011, 09:43:07 AM »
the virus total scan you posted is from feb 2011
so to get a correct result click scan again......

First seen: 2010-12-28 02:35:38
Last seen : 2011-02-10 20:13:49


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32951
  • malware fighter
Re: A virus and avast does not detect.
« Reply #4 on: October 01, 2011, 02:33:00 PM »
Hi Dim@rik,

This is the McAfee virus profile for this trojan: http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=557238

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Dim@rik

  • Advanced Poster
  • **
  • Posts: 670
Re: A virus and avast does not detect.
« Reply #5 on: October 01, 2011, 02:45:07 PM »
Hi Dim@rik,

This is the McAfee virus profile for this trojan: http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=557238

polonus


Hi Polonus,

Send to Avast.


-----------------

Your request has been analyzed by an automatic system. The corresponding entry is added to Dr.Web virus database and will be available in the next update.

-----------------

Threat: Win32.HLLW.Autoruner.25074

This is software generated mail message on behalf of virus hunters activity.
Category: NEW VIRUS
File:     TuneUp Utilities 2011 patch.exe
MD5:      95d97f671fa81b1099cc4019bb1fb75d
« Last Edit: October 01, 2011, 04:06:58 PM by Dim@rik »

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11077
  • No support PM's thanks
Re: A virus and avast does not de
« Reply #6 on: October 02, 2011, 12:45:26 PM »
--If you dont want to spend the money, you can look at these free options:
AVG
Avast
Panda Cloud Anti-Virus

I have used all of these with no problems.  Some of them actually caught more Viruses then from the ones that you paid for at the store.
Hope it helps
Obviously the OP already has Avast so there is no point in mentioning that in your choice list plus this is the avast forum so there is no reason for you to be advertising competitor products.

Actually i see no reason for you to have even posted as the others you mentioned cant be run on the system together with avast and the OP has already run Malwarebytes which seems to have fixed his problem.