Avast missing Trojan-Downloader.Win32.Agent.bet.

Latest VPS is not catching http://www.f-secure.com/weblog/archives/archive-012007.html#00001088 properly almost every other AV does, except for ArcaVir and Norman.

Without commenting on the validity of the OP’s post, you’d have to be a bit silly to click on a file that read video.exe or similar.

The links seems clean to Dr. Web.
But, maybe, some files there are infected.
I hope Alwil take a look here and, if it is the case, improve detection.

Hi Tech! The problem isn’t in that link, this is only a target to F-Secure web blog with the description of that virus.
P.S/ It also known as Win32/Fuclip.B (ESET), see image below.

Let’s hope together. :slight_smile:

I guess virus makers knows that releasing virus in the weekends is the way to go since Avast updates are pretty bad in the weekend.

:‘(
And worse is that we don’t have an Alwil word about…
Promises, promises… :’(

Some how I doubt they release them based on the frequency of avast updates at weekends.

They change things according to what is in the News recently and release immediately (why wait to the weekend), Large Storms in Europe ‘Storm Warning’, plus the other subject headings in the f-secure link.

This is social engineering just to get the user to open the email, curiosity definitely kills the cat (curious user). Don’t open unsolicited, unexpected emails, much less open any attachments or click on links in said emails. Just plain Common Sense will protect you from this typ of infection, certainly until a signature if added to any VPS.

DavidR says…

This is social engineering just to get the user to open the email, curiosity definitely kills the cat (curious user). Don't open unsolicited, unexpected emails, much less open any attachments or click on links in said emails. Just plain Common Sense will protect you from this typ of infection, certainly until a signature if added to any VPS.

Truer words were never spoken. Trust no one…and I mean no one.
Caution…caution is the key word. When in doubt…just delete the email. Truly it’s not worth it.

Nice way to spin it, so why even have a anti-virus program installed??

Offcouse it’s plain stupid to open a file named video.exe, but that is not the god damn point. The point it Avast updates are getting pretty bad and a lot of users rely on their anti-virus program to protect them, because they dont have the knowledge about virus aso.

Nice way to spin it, so why even have a anti-virus program installed??

Hardly spin, just plain common sense as I said, I have no need to spin anything, I’m just an avast user like yourself. So why have an AV installed, Common Sense again, email isn’t the only route into your system.

I don’t rely on a single application to protect my system, first and foremost common sense will limit infection. I also have an anti-spam, whilst not designed as an anti-virus (it can detect some viruses) so I can see these suspicious emails and delete them at the email server, so they don’t even get to being downloaded to be scanned by avast, but there is no way I wouldn’t have it installed.

You should take a look at the VPS History and nothing this weekend but prior to that almost one a day and some days multiple VPS updates and one day with 5 updates, so I wouldn’t say “The point it Avast updates are getting pretty bad”

First alwil needs a sample of the virus, then the detection can be added.

A couple of years ago, virus definitions where released weekly. (mcafee at the time) With the volume of new virus relatively low, this was deemed adiquate. In the case of a major out break, extra dats where released. I just got in the habit of checking their library, to see what was new and when the scheduled date for detection was. A quick read gave me enough info to recognise an infected e-mail.

The info is out there. People have to be aware that there is a time frame between new virus and detection. They can’t just rely on any program, the brain has to be a part of the equation.

I do agree with you that sometimes the detection has been lagging. This has to inprove.

Today, updates have to be more frequent with all the new/variants. Malware authors are improving and have a head start.

I don’t rely on a single application to protect my system, first and foremost common sense will limit infection. I also have an anti-spam, whilst not designed as an anti-virus (it can detect some viruses) so I can see these suspicious emails and delete them at the email server, so they don’t even get to being downloaded to be scanned by avast, but there is no way I wouldn’t have it installed.

Hello its me again ::), Ive just read this, do i have a anti-spam included in any of the freeware i installed?
1 AVAST Anti-virus
2 Ewido, a.k.a. avg anti-spyware
3. Ad-Aware SE Personal Edition
4. Spybot Search and Destroy
5. Spywareblaster

No they aren’t anti-spam, I use MailWasher Pro (paid for) there is a free version but that only deals with one email address. For others, a google search returns many hits, http://www.google.com/search?q=freeware+anti-spam, which ever one you choose it should ideally be one that can delete the spam at email server level without having to download the full email before filtering the spam.

The new threat refered to in the original post is detected by avast 4.7.892 vps 704 jan 18/07

It was a heuristic warning, no mention of name of the file in the warning. Viewing what was left after clicking delete

"Suspicious extension(s) of attachment

  • Full Clip.exe

Sender: Herman <(edited by oldman)>
Recipient: (edited by oldman)
Subject: Sadam Hussein alive!"

A google search showed it as the so called storm warning trojan.