Author Topic: Win32.korgo.F (Read 3839 times)

cjtc · « **on:** June 04, 2004, 10:07:14 PM »

Just had an e-mail alert from Symantec about Korgo.F
They have protection against this moderate threat since 2nd June.
However, Avast! doesn't seem to protect against this, nor Korgo.C, .D, .E or .G
I have to wonder why this is.

RejZoR · « **Reply #1 on:** June 04, 2004, 10:10:59 PM »

Its probably under different name.

cjtc · « **Reply #2 on:** June 04, 2004, 11:40:51 PM »

It's also known as PADOBOT, but that isn't in the Avast! database either. W32:Korgo detection stops at version C in Avast!

cjtc · « **Reply #3 on:** June 05, 2004, 03:50:57 PM »

I'm still surprized that Avast! doesn't seem to protect against Korgo variants above C. It's even hit the national news:

http://news.bbc.co.uk/1/hi/technology/3776247.stm

Would somebody from Avast! care to comment?

whocares · « **Reply #4 on:** June 05, 2004, 04:55:16 PM »

Hi,

not from alwil but:

a) maybe the previously released avast-signatures against other KORGOs already detect what Symantec calls "F"-Variant ? the naming conventions differ significantly between different AV companies..
EDIT e.g. like it happens here: http://www.f-secure.com/v-descs/korgo_f.shtml#detect

b) alwil can't include it until they receive a sample
c) according to your article and TREND, it's not so widespread..
d) if you have all WindowsUpdates applied (as you ALWAYS should)
it won't affect you..

Author Topic: Win32.korgo.F (Read 3839 times)

cjtc

Win32.korgo.F

RejZoR

Re:Win32.korgo.F

cjtc

Re:Win32.korgo.F

cjtc

Re:Win32.korgo.F

whocares

Re:Win32.korgo.F