Author Topic: Malicious Link for Pavel or Igor  (Read 10261 times)

0 Members and 1 Guest are viewing this topic.

Offline XMAS

  • Avast translator
  • Super Poster
  • ***
  • Posts: 1211
  • Santa is watching you ;)
    • avast! in Bulgarian
Re: Malicious Link for Pavel or Igor
« Reply #15 on: November 09, 2006, 07:00:03 PM »
Strange i just installed Dr.Web anti-virus link checker, and i did scan few malicious links, few coolwebsearch and some other links which spread malicious codes, but Dr.Web did not identified them, Non of them, i wonder why  ???
Well, maybe Dr.Web simply do not have definitions for those malicious codes, and that's why it doesn't detect them  ::) ;)
You've Got To Get Close To The Flame To See What It's Made Of...

Henrique - RJ

  • Guest
Re: Malicious Link for Pavel or Igor
« Reply #16 on: November 09, 2006, 11:11:13 PM »
Other...

Link below leads to one file malicious that I do not know if is detected by avast:

hxxp://www.snet.gob.sv/Hidrologia/789879816659898card.html

I modified of HTTP for hxxp so that somebody not click.

Link came here in a virtual card in the Brazil.

It's infected...
« Last Edit: November 09, 2006, 11:13:42 PM by Henrique - RJ »

Henrique - RJ

  • Guest
Re: Malicious Link for Pavel or Igor
« Reply #17 on: November 10, 2006, 02:16:59 PM »
I capture the virus (they are two) of link hxxp://www.snet.gob.sv/Hidrologia/789879816659898card.html using an accelerator of download (Free Download Manager)and avast did not detect none.

"789879816659898card.html" it's a VBS virus (script virus) that it must make download and the automatic installation of the Trojan banker (file “chmody.exe”).

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33871
  • malware fighter
Re: Malicious Link for Pavel or Igor
« Reply #18 on: November 11, 2006, 11:29:36 PM »
Hi Henrique -RJ.

Not any single antivirus solution will catch all malware or have all the definitions. That is why it is good to have some additional non-resident anti-virus solutions (one that protects against this vbs.psyme.239 virus is ClamWin Free Antivirus (see here:
http://lurker.clamav.net/message/20061103.151448.69c9d2dc.en.html)
You cannot have two resident av solutions on one machine because of conflicts, but you can have one resident av solution, like avast, together with online scanners (e.g. Bitdefender etc.) and non=resident, like ClamWin, DrWeb CureIt, stinger.exe, fprot for dos (with automatic updater, yes it is still around).
Then a lot of people have the classical anti-spyware solution on their computers: ad-aware, spybot s&d, and when the computer is malware free a protective program like SpywareBlaster, anti-trojan scanners like a-squared and ewido makes this complete. Additional in-browser security completes all: in Firefox, we have DrWeb's pre-link scanner, MacAfee SiteAdvisor, Stealther, NoScript, AdblockPlus + G. updater. Whit security like that and SafeXP set, so I do not surf with full admin's rights, not a lot can get in harm's way,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!