Author Topic: Avast missed these two trojans..  (Read 4827 times)

0 Members and 1 Guest are viewing this topic.

MDesigner

  • Guest
Avast missed these two trojans..
« on: February 13, 2004, 04:40:02 AM »
Here is some stuff that Avast missed:

kernel32.dlI->(UPXW) is infected with Backdoor:Win32/Amitis.1_3

porn.bat is infected with BAT/BWG.D.gen*

I submitted these to Avast already.. hope the DB gets updated soon!  How quick does the Avast team update the DB with newly submitted viruses?
« Last Edit: February 13, 2004, 04:43:46 AM by MDesigner »

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11864
    • AVAST Software
Re:Avast missed these two trojans..
« Reply #1 on: February 13, 2004, 09:27:59 AM »
In general, it depends on how "dangerous" the viruses are.
Big threats are added immediatelly, of course. "Zoo" viruses make take a little longer... (don't know about these two).

Thanks for submitting them!
« Last Edit: February 13, 2004, 09:28:27 AM by igor »

monica_888

  • Guest
Re:Avast missed these two trojans..
« Reply #2 on: February 13, 2004, 06:27:25 PM »
avast  is  very  good   in  virus   detection   but  poor  in  trojan   detection    it  failed  to  pick   up  password   stealer  trojan  from  my  computer  . Tds   anti  trojan   detected   and   deleted  that  trojan  

MDesigner

  • Guest
Re:Avast missed these two trojans..
« Reply #3 on: February 13, 2004, 06:45:52 PM »
Ah yes. They were trojans.  But why would avast! not be good at detecting trojans?  They're just as dangerous as viruses..sometimes moreso.

Waldo

  • Guest
Re:Avast missed these two trojans..
« Reply #4 on: February 13, 2004, 07:16:38 PM »
AVAST has improved ALOT since a few months in trojan detection. They use (they added) a very strong generic method to detect them.

This is why most of the trojans detected by AVAST doesn't have a "real name", it is just detected as a generic worm or trojan. This is not a major problem, as you can easely look up the real name when you scan the file or your pc with a online-scanner.

The problem is with trojans, that they can easely "hide" from scanners. You can use an exotic packer or hex-edit them, or add a few bytes etc...you can even download trojans that were specially made to evade detection from scanners...not to mention polymorhpic droppers.

so dealing with trojans, rootkits, backdoors is NO easy task.

Waldo