Author Topic: What to do with Viruses??  (Read 11725 times)

0 Members and 1 Guest are viewing this topic.

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4143
  • Some days..... MOS...this bug's for you
Re: What to do with Viruses??
« Reply #15 on: October 22, 2007, 06:57:19 AM »
How many files where in the folder?

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: What to do with Viruses??
« Reply #16 on: October 22, 2007, 10:17:32 AM »
pelikan: you can send some samples to virus[at]avast[dot]com from your yahoo account.. ;)

Offline Pelikan

  • Newbie
  • *
  • Posts: 13
Re: What to do with Viruses??
« Reply #17 on: October 22, 2007, 11:29:27 AM »
pelikan: you can send some samples to virus[at]avast[dot]com from your yahoo account.. ;)

Hi, Max. Have just sent a bunch of files. Will wait for your reply. Thanks a lot.  :)

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84120
  • No support PMs thanks
Re: What to do with Viruses??
« Reply #18 on: October 22, 2007, 02:18:20 PM »
I would echo oldman's question of how many files were in the .rar as there is a large spread of supposedly different malware types. This could be compounded if you also sent a mix of suspect .html and .doc files.

However, it does show that avast isn't alone in its detections, unfortunately we can't compare what has been detected on a file for file basis.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.9.2437 (build 20.9.5758.0) UI-1.0.579/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4143
  • Some days..... MOS...this bug's for you
Re: What to do with Viruses??
« Reply #19 on: October 22, 2007, 07:06:40 PM »
I suppose my suggestion was a bit fuzzy. I should have made it clear to submit 1 sample file at a time. A sample .doc, html, etc

Offline Pelikan

  • Newbie
  • *
  • Posts: 13
Re: What to do with Viruses??
« Reply #20 on: October 23, 2007, 06:10:35 AM »
How many files where in the folder?
eehm,...dont quite remember alrd..I put randomly few of them (with various virus names), may be 5 or 6 total, taken from Avast virus Chest, packed with rar and uploaded to that site, later sending the same to Maxx for chekup. Im not sure I understand correctly what you suggest. Where do u want me to submit these files one by one?
Thks

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: What to do with Viruses??
« Reply #21 on: October 23, 2007, 09:03:40 AM »
pelikan: i can't help myself, but i've still got no attachment with your samples.. only a plaintext e-mail ???

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4143
  • Some days..... MOS...this bug's for you
Re: What to do with Viruses??
« Reply #22 on: October 23, 2007, 11:59:24 AM »
How many files where in the folder?
eehm,...dont quite remember alrd..I put randomly few of them (with various virus names), may be 5 or 6 total, taken from Avast virus Chest, packed with rar and uploaded to that site, later sending the same to Maxx for chekup. Im not sure I understand correctly what you suggest. Where do u want me to submit these files one by one?
Thks

Sorry, what I meant was 1 or 2 files from the .doc group and the same with the html and submit them 1 by one. This would give an accurate indication of what the file is being identified as. By submitting the folder, all content was scanned at once. That's why the results show such a wide range of infections.

I'm not sure, but your attachment may be getting stripped off on the way to avast. Maxx can correct me if I'm wrong, but I think a password protected rar is needed.

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: What to do with Viruses??
« Reply #23 on: October 23, 2007, 12:06:22 PM »
oldman: maybe.. i'll wait for next pelikan's attempt to send the files to me.. :)

Offline Pelikan

  • Newbie
  • *
  • Posts: 13
Re: What to do with Viruses??
« Reply #24 on: October 23, 2007, 12:40:51 PM »

Sorry, what I meant was 1 or 2 files from the .doc group and the same with the html and submit them 1 by one. This would give an accurate indication of what the file is being identified as. By submitting the folder, all content was scanned at once. That's why the results show such a wide range of infections.

I'm not sure, but your attachment may be getting stripped off on the way to avast. Maxx can correct me if I'm wrong, but I think a password protected rar is needed.

I see. I will send them again to Maxx given email (I understand you both r in one Avast group?). The matter is actually that I deleted some infected *exe files from virus Chest, by the advice of few technicians in one Russian PC forum...they told me such files are unrepairable (here I bring a list again):
Html document ----------- Win32:VB-EQB[trj] (found in all other files(most of them Html, Doc)
crack_reg.exe ----------- Win32:Startpage-178[trj]
fgf10.exe ----------------Win32:Spyware-gen[trj]
icq98a_nm.exe ------------Win32:Trojan-gen{VC}
sinstaller2.exe ----------Win32:Adware-gen[Adw]

Besides, they where quite bulky in size to conveniently send. I only left this one so far: Win32:Spyware-gen[trj].   All others as I said, are: Win32:VB-EQB[trj].


So I think I could send to you guys these two types: 1) fgf10.exe ----------------Win32:Spyware-gen[trj]  AND 2) Html document ----------- Win32:VB-EQB[trj]
Does it make sense to submit several files from *Doc and *Html group, if all of them are infected with one type of virus?

Am I right? Sorry if I'm slow in getting what you mean..Trying to do my best.
 

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4143
  • Some days..... MOS...this bug's for you
Re: What to do with Viruses??
« Reply #25 on: October 23, 2007, 12:47:56 PM »
You're doing fine.

You're right if all the  files in a group are being detected the same, then one sample should be enough.

BTW, I'm just a user like you, trying to get the most out of avast.

Offline Pelikan

  • Newbie
  • *
  • Posts: 13
Re: What to do with Viruses??
« Reply #26 on: October 23, 2007, 01:19:49 PM »
You're doing fine.

You're right if all the  files in a group are being detected the same, then one sample should be enough.

BTW, I'm just a user like you, trying to get the most out of avast.

Thanks for that. )) Where did u want me 2send that file, to your email or here in the theme?

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4143
  • Some days..... MOS...this bug's for you
Re: What to do with Viruses??
« Reply #27 on: October 23, 2007, 01:23:41 PM »
Send them to Maxx, he's the guy to look at them.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67274
Re: What to do with Viruses??
« Reply #28 on: October 23, 2007, 01:31:19 PM »
Where did u want me 2send that file, to your email or here in the theme?
Or even virus@avast.com 8)
The best things in life are free.

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: What to do with Viruses??
« Reply #29 on: October 23, 2007, 02:18:25 PM »
the detections are valid... the htm contains mal iframes at the end of file and the installer contains ad/spy module... i don't know where the infection comes from, but you should run HJT and look for some strange processes, reg entries etc..