Avast - thanks for the free antivirus, but please WAKE UP !!!!

S

Shadow

Sent them this malware over a month ago. Sent a copy to AVG
too, since it was creating havoc here in town. I don't even use AVG,
but I figured, vaccine your neighbor and you are half cured.
AVG had a fix in two days.
Avast still identifies my Clamav on-demand scanner as a
dangerous trojan ... but as to this nasty little REAL
virus/trojan/malware type:

a-squared 4.5.0.24 2009.07.29 Packed.Win32.Klone!IK
AhnLab-V3 5.0.0.2 2009.07.29 Win32/Autoit.worm.725796
AntiVir 7.9.0.234 2009.07.29 SPR/AutoIt.Gen
Avast 4.8.1335.0 2009.07.29 -
AVG 8.5.0.387 2009.07.29 Worm/Autoit.AADD
CAT-QuickHeal 10.00 2009.07.28 Win32.Packed.Klone.bj.4
ClamAV 0.94.1 2009.07.29 Trojan.Autoit-72
Comodo 1809 2009.07.30 -
DrWeb 5.0.0.12182 2009.07.29 Win32.HLLW.Autohit.3438
eSafe 7.0.17.0 2009.07.29 Win32.SPRAutoIt
F-Secure 8.0.14470.0 2009.07.30 Packed.Win32.Klone.bj
Fortinet 3.120.0.0 2009.07.29 W32/Autorun.BJ!worm
Ikarus T3.1.1.64.0 2009.07.29 Packed.Win32.Klone
K7AntiVirus 7.10.805 2009.07.29 Packed.Win32.Klone.bj
Kaspersky 7.0.0.125 2009.07.29 Packed.Win32.Klone.bj
McAfee 5692 2009.07.29 W32/Autorun.worm.bz.gen
McAfee+Artemis 5692 2009.07.29 Artemis!3DE683248919
McAfee-GW-Edition 6.8.5 2009.07.29 Riskware.AutoIt.Gen
Microsoft 1.4903 2009.07.29 Worm:AutoIt/Renocide.gen!C
NOD32 4289 2009.07.29 Win32/Packed.Autoit.Gen
Norman 6.01.09 2009.07.29 Smalltroj.PFDP
nProtect 2009.1.8.0 2009.07.29 Trojan/W32.Klone.725796
Panda 10.0.0.14 2009.07.29 Trj/CI.A
Prevx 3.0 2009.07.30 High Risk Worm
Sophos 4.44.0 2009.07.29 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.07.29 Bulk Trojan
Symantec 1.4.4.12 2009.07.30 Bloodhound.Malautoit.2
VBA32 3.12.10.9 2009.07.29 Trojan.Autoit.FINT
 
V

VanguardLH

Shadow said:
Sent them this malware over a month ago. Sent a copy to AVG
too, since it was creating havoc here in town. I don't even use AVG,
but I figured, vaccine your neighbor and you are half cured.
AVG had a fix in two days.
Avast still identifies my Clamav on-demand scanner as a
dangerous trojan ... but as to this nasty little REAL
virus/trojan/malware type:

a-squared 4.5.0.24 2009.07.29 Packed.Win32.Klone!IK
AhnLab-V3 5.0.0.2 2009.07.29 Win32/Autoit.worm.725796
AntiVir 7.9.0.234 2009.07.29 SPR/AutoIt.Gen
Avast 4.8.1335.0 2009.07.29 -
AVG 8.5.0.387 2009.07.29 Worm/Autoit.AADD
CAT-QuickHeal 10.00 2009.07.28 Win32.Packed.Klone.bj.4
ClamAV 0.94.1 2009.07.29 Trojan.Autoit-72
Comodo 1809 2009.07.30 -
DrWeb 5.0.0.12182 2009.07.29 Win32.HLLW.Autohit.3438
eSafe 7.0.17.0 2009.07.29 Win32.SPRAutoIt
F-Secure 8.0.14470.0 2009.07.30 Packed.Win32.Klone.bj
Fortinet 3.120.0.0 2009.07.29 W32/Autorun.BJ!worm
Ikarus T3.1.1.64.0 2009.07.29 Packed.Win32.Klone
K7AntiVirus 7.10.805 2009.07.29 Packed.Win32.Klone.bj
Kaspersky 7.0.0.125 2009.07.29 Packed.Win32.Klone.bj
McAfee 5692 2009.07.29 W32/Autorun.worm.bz.gen
McAfee+Artemis 5692 2009.07.29 Artemis!3DE683248919
McAfee-GW-Edition 6.8.5 2009.07.29 Riskware.AutoIt.Gen
Microsoft 1.4903 2009.07.29 Worm:AutoIt/Renocide.gen!C
NOD32 4289 2009.07.29 Win32/Packed.Autoit.Gen
Norman 6.01.09 2009.07.29 Smalltroj.PFDP
nProtect 2009.1.8.0 2009.07.29 Trojan/W32.Klone.725796
Panda 10.0.0.14 2009.07.29 Trj/CI.A
Prevx 3.0 2009.07.30 High Risk Worm
Sophos 4.44.0 2009.07.29 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.07.29 Bulk Trojan
Symantec 1.4.4.12 2009.07.30 Bloodhound.Malautoit.2
VBA32 3.12.10.9 2009.07.29 Trojan.Autoit.FINT
Click to expand...

And what do you expect us *users* to do about the Avast product? Us
being awake is going to make Avast do something why?
 
F

FromTheRafters

What does it do?

Those results indicate many different things - some say trojan, some say
virus, some say worm, some say packed generic malware...
 
S

Shadow

What does it do?
Click to expand...
It makes all your system files hidden, itself included. It
copies itself to the windows/system32 folder with another name. It
alters your registry settings, opening your shares. It attempts to
access an external website (no- I can't remember which, I had a lot of
trouble removing it, but I'll send you a copy if you really want to
suffer it). It puts a file called Kuh or something similar on every
hard drive.
It messes up the shell extension. And , of course, it makes an
autorun.inf and copies itself on any pendrive inserted in the PC.
It's over half a megabyte of executable !!!
Nasty little (?) thing.
[]'s
I suspected it because my pendrive took a little longer to be
read. You can see it easily with a dir /a from a command window. that
was how I knew I was infected.
Those results indicate many different things - some say trojan, some say
virus, some say worm, some say packed generic malware...
Click to expand...
Bit of each. malware would be the best description.
 
S

Shadow

And what do you expect us *users* to do about the Avast product? Us
being awake is going to make Avast do something why?
Click to expand...
The message was for them. And yes, they do read this little
newsgroup.
Well, Avast survives due to user opinion. If it doesn't, it
doesn't.. Is that a pleonasm ? Have to look it up in my Monty Python
dictionary. :p
[]'s
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Very poor detection from MAJOR av on this trojan, whats up???? 9

Top