NEW undetected Trojan/Worm

I have found on a friend PC a new virus that isn’t detected by Avast. It has two filenames “mssa32.exe” 42Kb and “msddrv42.exe” hidden in Windows\System32 folder. Oder Antivirus detects as BackDoor.IRC.Sdbot.4632 (Dr.Web), Worm/Palevo.cxw (Jiangmin), Artemis!39C6ADC1049C (McAfee+Artemis). Maybe it mess up the Winsock system.

Can you send the samples to virus@avast.com ?
You can zip and password the files… Inform a link to this thread and the password used.
You can send the files to Chest and, from there, resend to Alwil for analysis.
Thanks.

Yes, I send it via email.

Thanks for helping improving detection.
Hope they detect it soon.

The file ‘msddrv42.exe’ has been determined to be ‘MALWARE’. Avira named it as Worm/SdBot.55296.3. The term “WORM/” denotes a worm that is able to spread itself for instance over the Internet (using eMail, peer-to-peer networks, IRC networks etc.

The file ‘mssa32.exe’ has been determined to be ‘MALWARE’. The file is a Trojan. In general this kind of programs contains harmful functionality called payload.