JS:Packed-AB [Trj].

[altavistasf]

Avast DID infact detect the new malicious malware "JS:Packed-AB [trj]" but was unable to get rid of it. so why would avast post announcements that their antivirus is the ONLY one in the market to detect thsi new malware, while in fact is unable to remove it?
also, no postings on how to remove this malware on this website

[RejZoR]

Erm, use boot-time scan...
Also if you read closely it says they are the only ones detecting it fully, not removing it fully. Though boot time should do it.

[altavistasf]

you Eastern Europeans are definitely the ***SMARTEST*** i ve ever come across
Thanks for the suggestion. One question; how do i do the boot-time scan?

[Maxx_original]

and how could we fix/clean the server-side infections, when we are on the client side? don't you know? should we hack the server, clean the html pages and go away?

[micky77]

you Eastern Europeans are definitely the ***SMARTEST*** i ve ever come across
Thanks for the suggestion. One question; how do i do the boot-time scan?

http://www.digitalred.com/avast-boot-time.php

[L]

I have encountered a JS:Packed-D [trj] every time an add for Cisco Collaboration Technologies comes on while watching a show on fox.com. It causes Firefox to crash. How do I get past it?

[RejZoR]

You can't because it's apparently embeded inside that advertisement. Well you can try with AdBlock Plus extension however to block the ads all together and also avoid loading that ad.

[sert]

Avast DID infact detect the new malicious malware "JS:Packed-AB [trj]" but was unable to get rid of it. so why would avast post announcements that their antivirus is the ONLY one in the market to detect thsi new malware, while in fact is unable to remove it?
also, no postings on how to remove this malware on this website

avast is not the ONLY one in the market to detect this new malware, Sophos detects it as JS/ApndIfra-A since 11 April 2008, avast should not say that

[DavidR]

It wouldn't be new if it was from April 2008, there are new variants and attack methods coming out, so I feel sure this doesn't refer to the same thing.

[Maxx_original]

sert: the phrase is "At the moment, avast! is the only antivirus software fully detecting this new malware." - you probably overlooked the word FULLY... some sites detected by our engine were checked against other AV engines and not a single one of them has had a 100% coverage... this was the statement on Jan 18.

[jsejtko]

well... At the time of publishing avast was only one AV protecting against this malware. It is more than 14 days now, so what has changed?

Sophos looks to be the second engine (GData uses avast!, so GData too). Sophos detect this malware as Mal/ObfJS-AJ which is probably some generic detection. Description can be seen here:

Code: [Select]

http://www.sophos.com/security/analyses/viruses-and-spyware/malobfjsaj.html
Dates from description says everything, so this looks sophos generic detections maight detect this malware before avast.

And how looks todays detections (more than 14 days after attack):

Code: [Select]

http://www.virustotal.com/cs/analisis/ccb0c368459322acd008d024e361a458
http://www.virustotal.com/cs/analisis/470fe4182ca7d5682dfaa6f8a8737ee5
Both files are real webpages downloaded from internet.

Regards