I recently downloaded a keygen from the internet. : I scanned it with Avast! which didn’t warn me about a virus/trojan.
I executed the file. After a few seconds my firewall (sygate personal) informed me that the file “mspatchsec.exe” in “windows/system32” tries to connect to some strange IP.
I declined access and deleted the file which actually did the job!
But why didn’t Avast! see it?
I can send you the file for further testing, do you want that?
(I would have to download it again from the Overnet-Network but I have it in front of my eyes right now, it’s still around there, now with a txt-warning from other users).
Thanks for your good advice. Actually I’m very carefully and updated with my system. It just slipped through this time.
I’m re-downloading the file and will send it to the address you provided soon. Hope you can trace this little bastard then.
Btw: After I got infected I rushed to google and searched for the trojan. I only found a very few postings on the net. Either the trojan is new or not very much spread, anyway, all I read was that other systems got infected and if I rememver correctly they did not run avast but antivir and norton I think.
Check your mail in a few minutes. You’ll receive a trojan. ;D
That trojan is discovered on 5 march 2004. The date you mentioned is the date Kaspersky updated that entire list and does not say anything about the date of recovery of the virusses listed there.
Yeah, of course you’re right. Downloading warez and living secure is a contradiction. It comes close to living secure and going online with Windows. ;D
Anyway, I hope you’ll add it to your virus-list…
…so I can maybe use that keygen.
I scanned it with Avast! which didn’t warn me about a virus/trojan.