Author Topic: I finally got infected...  (Read 5555 times)

0 Members and 1 Guest are viewing this topic.

Klavier

  • Guest
I finally got infected...
« on: May 30, 2006, 05:08:08 AM »
Hi again.. I use Avast, updated. Yesterday, I saw this web:

http://    w   ww.id  ea stelcel.esp.      st   

(I put a space in it so that you dont click it...)

And my windows crashed.. I had to format.
I couldn´t even know what virus was, avast dont detected it.. If it is a new spreading virus, try to check it please, I can´t submit the file because I dont want to try to d/l it for fear of a infection..
the file was videosexy.avi.exe
 (I didn´t check for the .exe, because I felt secure with avast).

Thanks!

Spyros

  • Guest

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: I finally got infected...
« Reply #2 on: May 30, 2006, 10:42:02 AM »
Kaspersky finally missed one!  ;D

     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Klavier

  • Guest
Re: I finally got infected...
« Reply #3 on: May 30, 2006, 05:06:20 PM »
Thanks for the info.!

:)

Klavier

  • Guest
Re: I finally got infected...
« Reply #4 on: May 30, 2006, 05:17:33 PM »
Here´s when I think on heuristics or something more proactive that detects unknown threats.

justin1278

  • Guest
Re: I finally got infected...
« Reply #5 on: May 30, 2006, 05:33:44 PM »
By the results of the scan it looks like it may be a new emerging threat. Hopefully avast! will get it in the next update or two.

TAP

  • Guest
Re: I finally got infected...
« Reply #6 on: May 30, 2006, 05:56:41 PM »
About Kaspersky, although its scanning engine fails to detect this worm but I think the proactive defense module (behaviour blocking) in KAV 6 will finally help stop the worm to install on a victim machine.

For proactive solution to protect against unknown threats, on the user side, I think the disciplined safe computing practice could effectively help much more than any other AV software, if you treat every shady-unknown files/links/web sites that you don't really know what it is or where in comes from as a suspicious object that you should not click on it.

I know it's rather difficult in real life but if you try, it could help much.  :)

JerryM

  • Guest
Re: I finally got infected...
« Reply #7 on: May 30, 2006, 06:51:41 PM »
I observe that Bit Defender seems to  have a very high detection rate.
While it does not perform at the top on the AV Comparatives on demand tests, it identifies new malware better than most, even including KAV, which I use. It also often does better than NOD.

It will be interesting to see what the BD 10 does, and I hope it is not just a suite, but also has the AV only application like KAV.

Jerry

Klavier

  • Guest
Re: I finally got infected...
« Reply #8 on: May 31, 2006, 01:11:23 AM »
About what JerryM said, which antivirus do you think has the best proactive/heuristic/unknown virii detection and why? (like a mini poll).

Offline YLAP

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2118
Re: I finally got infected...
« Reply #9 on: May 31, 2006, 11:38:47 AM »
Seems it can kill boot sector... if McAfee says "New Floopy Worm". Hopefully it's detection will be added soon...

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: I finally got infected...
« Reply #10 on: June 01, 2006, 08:56:16 AM »
What's up guys?

I sent this file to avast! and AVG. I got a nice email back from AVG to say thanks, but the definition is already in our next definitions update; nothing from avast!

The virus is still not detected by avast! a day later.  ???



Edit: with the latest update, Ewido now detects this.
« Last Edit: June 01, 2006, 01:28:29 PM by FreewheelinFrank »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

kareld

  • Guest
Re: I finally got infected...
« Reply #11 on: June 01, 2006, 02:52:32 PM »
Hello,
  I wasn't able to find the sample. Could you resend it? Either to virus at avast.com or directly to me, divis at avast.com. Please, send it in rar, zip, 7z or similar archive using password protection. Prefferably, the password used should be 'virus', 'infected', or similar simple password, and the password protection used should be legacy password feature, not the strong (AES, Twofish) encryption some archivers have. Thank you.