Author Topic: Hey, I think avast has missed a "Mydoom"??  (Read 12668 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re:Hey, I think avast has missed a "Mydoom"??
« Reply #15 on: March 04, 2004, 03:23:21 AM »
Can you wait until tomorrow and 'talk' with Igor and/or Vlk?
I'm sure they can handle this... Anyway, today we have 2 VPS updates and maybe this thing was corrected right now...  ::)
The best things in life are free.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Hey, I think avast has missed a "Mydoom"??
« Reply #16 on: March 04, 2004, 03:25:57 AM »
I'd like to see the file as well... ;)
If at first you don't succeed, then skydiving's not for you.

writerguy

  • Guest
Re:Hey, I think avast has missed a "Mydoom"??
« Reply #17 on: March 04, 2004, 05:21:25 AM »
I'd like to see the file as well... ;)

Sure. Just used the "email" icon to send it to you as an attachment named "suspect-virus.zip" It'll be coming to you from "news@gsezines.com."

Thanks,

Gary Speer

Offline MikeBCda

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2247
Re:Hey, I think avast has missed a "Mydoom"??
« Reply #18 on: March 04, 2004, 07:02:32 PM »
I got one of those latest Bagle ones yesterday morning (the new variation with the password-protected zip attached, with of course the password included in the main message).  My ISP's VirusGuard caught it and quarantined it before avast even got to see it.

Since because of discussions about it here the last couple of days, I already knew it was infected, I was tempted to "deliver as is" just out of curiosity to see at what point avast would catch it.  But I played it extra-safe and just deleted it still "out there", without downloading.
Intel Atom D2700, 2 gig RAM, Win 7 x64 SP1 & IE-11, Firefox 51.0
(default). 320 gig HD, 15Mb DSL, Win firewall, Avast 12.3.2280 free, SpywareBlaster, MBAM Prem., Crypto-Prevent

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Hey, I think avast has missed a "Mydoom"??
« Reply #19 on: March 04, 2004, 10:23:26 PM »
We'll be releasing a solution for this during tomorrow.
It's a specific fix to the Beagle worm -- to do this generally is impossible as ZIP passwords of reasonable length are generally immune to attacks, and to extract the password from the rest of the mail cannot be done generally (imagine e.g. the GIFs that are used to protect some web registration forms to prevent automatic filling by webbots).

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.