Author Topic: I finally got infected...  (Read 5106 times)

0 Members and 1 Guest are viewing this topic.

Offline Klavier

  • Jr. Member
  • **
  • Posts: 32
  • I'm a flying llama!
I finally got infected...
« on: May 30, 2006, 05:08:08 AM »
Hi again.. I use Avast, updated. Yesterday, I saw this web:

http://    w   ww.id  ea stelcel.esp.      st   

(I put a space in it so that you dont click it...)

And my windows crashed.. I had to format.
I couldn´t even know what virus was, avast dont detected it.. If it is a new spreading virus, try to check it please, I can´t submit the file because I dont want to try to d/l it for fear of a infection..
the file was videosexy.avi.exe
 (I didn´t check for the .exe, because I felt secure with avast).

Thanks!
AMD Sempron 2400, 512 RAM, 280 Gb HDD, ViewSonic E70f+; Windows XP+SP2 Home, Avast 4.6.691 Home, Sygate 5.6, Ad Aware 1.06, Opera 8.5 + Firefox 1.0.7

Offline Spyros

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1139

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: I finally got infected...
« Reply #2 on: May 30, 2006, 10:42:02 AM »
Kaspersky finally missed one!  ;D

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Klavier

  • Jr. Member
  • **
  • Posts: 32
  • I'm a flying llama!
Re: I finally got infected...
« Reply #3 on: May 30, 2006, 05:06:20 PM »
Thanks for the info.!

:)
AMD Sempron 2400, 512 RAM, 280 Gb HDD, ViewSonic E70f+; Windows XP+SP2 Home, Avast 4.6.691 Home, Sygate 5.6, Ad Aware 1.06, Opera 8.5 + Firefox 1.0.7

Offline Klavier

  • Jr. Member
  • **
  • Posts: 32
  • I'm a flying llama!
Re: I finally got infected...
« Reply #4 on: May 30, 2006, 05:17:33 PM »
Here´s when I think on heuristics or something more proactive that detects unknown threats.
AMD Sempron 2400, 512 RAM, 280 Gb HDD, ViewSonic E70f+; Windows XP+SP2 Home, Avast 4.6.691 Home, Sygate 5.6, Ad Aware 1.06, Opera 8.5 + Firefox 1.0.7

Offline justin1278

  • Advanced Poster
  • **
  • Posts: 1072
Re: I finally got infected...
« Reply #5 on: May 30, 2006, 05:33:44 PM »
By the results of the scan it looks like it may be a new emerging threat. Hopefully avast! will get it in the next update or two.
My PC's

Compaq Presario:
Windows Vista Ultimate SP1
AMD Athlon 3800+ 2.4 GHz
2 GB RAM

Sony Vaio:
Windows XP Professional SP3 [Tester]
Intel Pentium M 1.86 GHz
1.5 GB RAM

Offline TAP

  • Sr. Member
  • ****
  • Posts: 201
  • I'm a llama!
Re: I finally got infected...
« Reply #6 on: May 30, 2006, 05:56:41 PM »
About Kaspersky, although its scanning engine fails to detect this worm but I think the proactive defense module (behaviour blocking) in KAV 6 will finally help stop the worm to install on a victim machine.

For proactive solution to protect against unknown threats, on the user side, I think the disciplined safe computing practice could effectively help much more than any other AV software, if you treat every shady-unknown files/links/web sites that you don't really know what it is or where in comes from as a suspicious object that you should not click on it.

I know it's rather difficult in real life but if you try, it could help much.  :)

Offline JerryM

  • Sr. Member
  • ****
  • Posts: 232
  • I'm a llama!
Re: I finally got infected...
« Reply #7 on: May 30, 2006, 06:51:41 PM »
I observe that Bit Defender seems to  have a very high detection rate.
While it does not perform at the top on the AV Comparatives on demand tests, it identifies new malware better than most, even including KAV, which I use. It also often does better than NOD.

It will be interesting to see what the BD 10 does, and I hope it is not just a suite, but also has the AV only application like KAV.

Jerry
Laptop Intel Core i3, 4GB DDR3, Windows Home Premium, SP1, 7 64 bit
 Avast Pro 7.W7 Firewall MBAM Pro, and Win Patrol

Offline Klavier

  • Jr. Member
  • **
  • Posts: 32
  • I'm a flying llama!
Re: I finally got infected...
« Reply #8 on: May 31, 2006, 01:11:23 AM »
About what JerryM said, which antivirus do you think has the best proactive/heuristic/unknown virii detection and why? (like a mini poll).
AMD Sempron 2400, 512 RAM, 280 Gb HDD, ViewSonic E70f+; Windows XP+SP2 Home, Avast 4.6.691 Home, Sygate 5.6, Ad Aware 1.06, Opera 8.5 + Firefox 1.0.7

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2119
Re: I finally got infected...
« Reply #9 on: May 31, 2006, 11:38:47 AM »
Seems it can kill boot sector... if McAfee says "New Floopy Worm". Hopefully it's detection will be added soon...

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: I finally got infected...
« Reply #10 on: June 01, 2006, 08:56:16 AM »
What's up guys?

I sent this file to avast! and AVG. I got a nice email back from AVG to say thanks, but the definition is already in our next definitions update; nothing from avast!

The virus is still not detected by avast! a day later.  ???



Edit: with the latest update, Ewido now detects this.
« Last Edit: June 01, 2006, 01:28:29 PM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline kareld

  • Avast team
  • Jr. Member
  • *
  • Posts: 32
    • ALWIL Software
Re: I finally got infected...
« Reply #11 on: June 01, 2006, 02:52:32 PM »
Hello,
  I wasn't able to find the sample. Could you resend it? Either to virus at avast.com or directly to me, divis at avast.com. Please, send it in rar, zip, 7z or similar archive using password protection. Prefferably, the password used should be 'virus', 'infected', or similar simple password, and the password protection used should be legacy password feature, not the strong (AES, Twofish) encryption some archivers have. Thank you.