Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Skelator on October 04, 2003, 03:25:51 AM
-
I was suggested to create a new post so here it is.
Yesterday I received 2 emails from whomever that the subject: avast! 4 <<<the exact spelling.
Within the message in which Avast caught was this.
message 1
X-x: TimeOut
X-x: TimeOut
X-x: TimeOut
X-x: TimeOut+OK
Subject: avast! 4
Suspicious extension(s) of attachment
* q469482.exe
Sender: "Security Bulletin" <mxnadtxwphw-idrrvozo@confidence.com>
Recipient: "Client" <client_nwmlrlsnel@confidence.com>
Subject: New Update ScanMail has detected a virus!
This seems to be the worm thats running the net recently.
Message 2
X-x: TimeOut+OK
Subject: avast! 4
Suspicious extension(s) of attachment
* bjoujxm.exe
Content-Type doesn't correspond with attachment's extension
* bjoujxm.exe - audio/x-wav
<iframe> tag found, it may be dangerous
Sender: "microsoft message system" <vmailprogram@rocketmail.com>
Recipient: "Email Receiver" <receiver@mxserver.com>
Subject: returned mail ScanMail has detected a virus!
Again it seems to be the worm(swen). I did notice that the detections were a different box instead of the usual one that detects incoming viruses. I didn't see anything that stated it was coming from this system and returning back to my own system as infected but rather it did allow myself to delete it. I did notice the other day that when trying to delete the worm that I was getting (swen) that it had either gave up and finally closed itself after asking it to delete it many of times. I haven't received any emails from people complaing of getting any viruses from my system which I maintain closely.
What concern myself was the subject line of avast! 4 and if it isn't a newer worm that is using the avast! 4 name to go after the antivirus software.
On another note:
I have tried many of times to register the software with the knowledge that I would receive a email within a short time with the key code. I'm counting down to day 40 and have submitted my actual name and address along with a valid email address.
I have been fully updated today and have scan the system with no viruses and have scanned on previous updates.
Thanks for reading,
Skelator
-
Thanks for your information Skelator.
Remember that Microsoft do not send e-mails with updates (all of them are hoaxes or another kind of trap... >:(
See: http://www.avast.com/forum/index.php?board=2;action=display;threadid=1219;start=msg6620#msg6620
http://www.f-secure.com/v-descs/swen.shtml
http://www.sophos.com/virusinfo/analyses/w32gibef.html
http://www3.ca.com/virusinfo/virus.aspx?ID=36939
http://vil.nai.com/vil/content/v_100662.htm
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A
http://www.viruslist.com/eng/viruslist.html?id=88029
For worm (swen) see:
http://www.f-secure.com/v-descs/swen.shtml
http://www.sophos.com/virusinfo/analyses/w32gibef.html
http://www3.ca.com/virusinfo/virus.aspx?ID=36939
http://vil.nai.com/vil/content/v_100662.htm
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A
http://www.viruslist.com/eng/viruslist.html?id=88029
and avast! foruns:
http://www.avast.com/forum/index.php?board=1;action=display;threadid=1356;start=msg7695#msg7695
http://www.avast.com/forum/index.php?board=2;action=display;threadid=1335;start=msg7582#msg7582
http://www.avast.com/forum/index.php?board=2;action=display;threadid=1340;start=msg7577#msg7577
http://www.avast.com/forum/index.php?board=2;action=display;threadid=1348;start=msg7558#msg7558
http://www.avast.com/forum/index.php?board=4;action=display;threadid=1231;start=msg7523#msg7523http://www.avast.com/forum/index.php?board=2;action=display;threadid=1096;start=msg7382#msg7382
http://www.avast.com/forum/index.php?board=2;action=display;threadid=1296;start=msg7111#msg7111
http://www.avast.com/forum/index.php?board=2;action=display;threadid=1282;start=msg7014#msg7014
Swen is a really anoying worm :'(