Recently, my computer was infected twice by viruses that went undetected byt Avast. The first one was win32.trojano-1124 and the second one was w32.spybot.worm.
I realised I was infected (probably via a security breach in Windows 2000) when my network icon was blinking like crazy for no apparent reason. I opened a command prompt window and launched “netstat -a” to see that my machine was sanning port 135. I brought my computer at work and the technician scanned it with his Symantec Corporate Edition 10.1 and told me I had win32.trojano-1124 which was not detected by avast. I reinstalled everything from my original CDs (Windows 2000 and Office 2000 - that’s all I use), installed all the latest Windows and Office updates.
The second time, similar scenario, except it was port 445. Again, took again computer to work. This time, technician tells me I am infected by w32.spybot.worm. He asked me if I was running Kazaa or MIRC, but other that Office 2000, I am not running anything else.
How come avast could not detect those two viruses?
Not a software is perfect… An antivirus based on signatures needs constant improvement.
If you can, please, send the samples to virus@avast.com and post a link to this thread in the email body.
We’re asking for better detection all the time (http://forum.avast.com/index.php?topic=26293). :-\
You have to ask yourself what it was that you were doing that put you at risk, it is possible to exercise safe hex and limit exposure. Read How did I get infected in the first place? and follow the advice. Check out the DropMyRights link in my signature.