did ava got less detection ration for a while?
i getting more and more viri and detects by others but not ava and some more. but it seems that ava getting updates slower. do this depends on compression type?
sorry i did’nt know where to post.
did ava got less detection ration for a while?
i getting more and more viri and detects by others but not ava and some more. but it seems that ava getting updates slower. do this depends on compression type?
sorry i did’nt know where to post.
The detection (virus database) is always increased and not reduced…
The avast updates are normal, I mean, the number of updates this week could be lower than the previous weeks. But, I think it depends on the virus activity in the web
i hope so, and i hope that it will be possible to make own updates to avast while official updates is not ready. like clamav has and some other av’s.
i got about 8 viri from one page and avast could catch just about 6 of them i think. then begone trouble on my PC.
What do you mean, beta updates?
Can you send the samples to virus@avast.com ?
You can zip and password the files… Inform a link to this thread and the password used.
You can send the files to Chest and, from there, resend to Alwil for analysis.
Thanks.
If I were getting more and more viruses, I would certainly consider reviewing my security habits. What Browser, sites I visit, etc.
i got about 8 viri from one page and avast could catch just about 6 of them i think. then begone trouble on my PC.
Yes there are going to be first day and undetected viruses, in the meantime vigilance and senseable precautions.
Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.
i traid trend micro and it found 3 of them
torj_adload.s
TSPY_SMALL.AZB
TROJ_DRSMARTL.A
EDIT: one was missed by trendmicro too i will send it to avast soon.
ADD: panda removed all of them, but i got much more problem with using my computer,ehh…
ADD: scan results ------
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found Adware.Look2me
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found not-a-virus:AdWare.Win32.Look2Me.ab
NOD32 Found a variant of Win32/Adware.Look2Me application
Norman Virus Control Found W32/Look2Me.DJ
UNA Found nothing
VBA32 Found nothing
One more file with name “country.exe” localed in %windir%
AntiVir Found Trojan/Killav.DB.2
ArcaVir Found Trojan.Downloader.Asks
Avast Found nothing
AVG Antivirus Found Collected.Z
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found W32/KillAV.3B84-tr
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found W32/Tofger.CD
UNA Found Trojan.Win32.KillAV
VBA32 Found TR.Killav.DB.2
i want to describe zip that i send:
ZipName: MrBabis.zip
contains 3 files
2 dll files
1 exe file
password: virus
dll files has different size but same word inside
“nictechnetworks”
filenames looks like random created
exe file has no readable text inside, probaly packed exe
// in mail i did link to this post
The “reports” seem to be saying you have trojans and/or
spyware !? Assuming you have Win XP or Win 2000, have
you tried the good & FREE anti-trojan “Ewido” program
from www.ewido.net/en !?
The report of “Look2Me” is a serious spyware infection
and I recommend you ask for help in the forum(s) of your
antiSPYWARE provider.
yes, ewido found not all too (just some other that downloaded by this viri).
After it is in you computer it begin to download other viri and spy’s, some of them blocks by some AV’s other no. If AV diabled then thay continue to download infected files.
here is link to google search, it current found just 65 similar descriptions:
http://www.google.se/search?hl=sv&q=virus+country.exe&meta=
Virus comes from infected web sites. By using some of IE vulnerability.
I removed trojan and look2me by using own triks and autoruns from sysinternals.
EDIT:
about those look2me dll files:
files locks access types: Read,Write,Rename
so it makes that AV cannot get access to files and scan them.
It seems recently on the antiSPYWARE forums I visit, that
the TRIAL version of Webroot’s SpySweeper is advocated,
along with Ewido, to get rid of “Look2Me” !?
if you will search in google for “Trojan.Downloader.Asks” (36 hits)
or “country.exe virus” (63 hits)
So this post will come on the first lines.
It means that virus is almost new