nope… MS OLE is unpacked in all cases - but not all MS OLE objects could be infected by some macro virus… real macro engine is more clever than to find some string everywhere… we can’t produce many false positives
nope means - not realised as you think… i just want to say - macro engine is more complicated system than string matching algo… so we have string finder and macro engine, but don’t want to mix them…
we are able to unpack OLE != we have a reliable macro engine
or
we are able to unpack OLE < we have a reliable macro engine
but we HAVE the macro engine and if we want to use it (and we of course want), we must choose the right parts of macro to check them etc… it’s not as easy as choosing one detection string…
yvs, I understand that people are generally not happy with “We know better than you” type of answers, but you’ll have to trust that in this case, we actually do.
If you think otherwise, we’d be more than happy to employ you…
yvs: wait for the next vps… we can’t release an unchecked detection generally… and the test for false positives takes over 20 hours (the cleanset is really huge)… we’re thinking about some speed-up through the parallel tasks, but it absolutely can’t be done by some almighty magic wand in one second (one hour… not even in one day)… many innovations are queued, but i said it before - everything needs some time…
it’s holiday time now… we don’t have the complete team here, so we need a little more time than ordinarily… but you can be sure, we’re working on it
Thank you for the archive that you have sent us for analysis. Both files have been identified as infected. The appropriate detection string will be added to today’s release of the AVG virus database.
Thank you for your cooperation. We appreciate it.
Best regards,
Emil Budin
AVG Technical Support</blockquote>
i don’t want to sound too unsympathetic to the needs of the avast team and their families … but since when did global virus writers comply with the holiday schedule of Prague and its surrounding area?
Indeed. They need to have a way around this. To publicly state that holidays are a reason to leave people unprotected and promote Avast as a professional product is not acceptable in this day and age. The competition would take great pleasure in picking up on this. If you haven’t got enough staff, Alwil, you need to recruit.
i know… one way is to employ more ppl and another way is to make things better… i’m doing some steps to apply the second way (and many other Alwil staff are doing the same) and the improvement and speed-up should come soon
concretely the new sorting engine for incoming samples is “on the test road” (it will help us too much), also new and stronger polymorph detection engine is written… we’re working systematically to eliminate some of the urgent points of your displeasure ;)… many things are not visible to “normal user”, but they are in Avast and helping to protect you better (i mean adding of new unpackers etc.)…