SAS Misses Detection of Worm-Win32/Winko.A

[irrationalgeek]

Can SAS have an update so that it can remove the Worm-Win32/Winko.A malware please?

CounterSpy: http://research.sunbelt-software.com...hreatid=153652

Mcafee: http://vil.nai.com/vil/content/v_142642.htm

[lodore]

hello irrationalgeek,
why dont you submit a support ticket?
http://www.superantispyware.com/csrcreateticket.html
does kaspersky detect that worm?
if not can you please sent it to kaspersky so they can update there bases.
the email address is below.
newvirus[AT]kaspersky.com
it might already be the in kaspersky definitions already thou.
has that worm infected your computer?
lodore

[irrationalgeek]

Yes. I've submitted a support ticket, thing is the infection is on a computer that I just can't get to right now.

If I could I'd do a scan with Kaspersky on it too.

[lodore]

oh i understand the situation now.
even drweb cure it might be able to remove it
link in my sig.
shame avptool isnt final yet.
lodore

[irrationalgeek]

Completed online diagnostic. Now waiting to see if there are new signatures that enable SAS to remove this annoying worm.

[aigle]

I used SAS some time ago and I noticed its worm detection was not so good( very brief experience). Can anybody confirm this?

[EASTER]

Quote:

Originally Posted by aigle

I used SAS some time ago and I noticed its worm detection was not so good( very brief experience). Can anybody confirm this?

Don't forget even though SAS picks up even some databased viruses/worms, it is NOT an Anti-Virus. Your AV should have alerted to it and even a HIPS! will jump up an ALERT on anything strange or new.

Regards EASTER

[aigle]

In my experience, worms are most common threat in the area I live, esp the USB worms. It,s nice to have an added layer for them. I am saying it for ordinary users who use only signature based security. I someimes install AV for some of people who don,t know anything about malware and I thought of adding SAS free but it lacks worms/ trojan detection. AVG AS detects most worms/ trojans so I will prefer that for ordinary users.

I am not sure about BOClean but it too lacks detection of worms I think. Anyone?

In the end, I have no choice except for an AV only when I have to set-up free security for an ordinary user. They can,t use non-sig based security. Even the popup of an AV might be confusing for them.

Personally If my AV does miss a worm, no problems, I am sure I can catch it via my Sandbox/ HIPS/ CH etc.

[GES/POR]

Never come in contact with worms at least not that i know off but seen many trojans and offcourse spyware on others pc's.

[aigle]

I think it depends upon the location one lives.
In my area I see Brontok USB worm very common with some other worms and trojans.

[GES/POR]

Kind of common spread malware depends on culture?

[fcukdat]

Quote:

Originally Posted by irrationalgeek

Can SAS have an update so that it can remove the Worm-Win32/Winko.A malware please?

CounterSpy: http://research.sunbelt-software.com...hreatid=153652

Mcafee: http://vil.nai.com/vil/content/v_142642.htm

If you don't get your update as quick as you need it then maybe since CounterSpy offers a free time limited trial of its software then this would be an option in your cleaning of the infected PC.

HTH

[irrationalgeek]

Quote:

Originally Posted by fcukdat

If you don't get your update as quick as you need it then maybe since CounterSpy offers a free time limited trial of its software then this would be an option in your cleaning of the infected PC.

HTH

Also have a license of CS so I installed it and got rid of the worm. Hope the updated signatures with removal of Winko.A are close though.