|
|
#1
March 5th, 2009, 12:40 PM
|
|||
|
|||
W32/Buzus.AWL Trojan
Is this going to be including in any upcoming builds? Our office just got hit with it and ESET did nothing. Virus appears as e-card.zip form "American Greetings".
|
|
#2
March 5th, 2009, 12:53 PM
|
||||
|
||||
|
Re: W32/Buzus.AWL Trojan
If you follow these steps it will be included by the next day: http://kb.eset.com/esetkb/index?page=content&id=SOLN141
Please add as much information as possible to the email. What make you think you're infected, and how are you aware of the name?
__________________
OpenDNS with DNSCrypt SSD: Windows 8 Pro x64 | IE10 (Enhanced Protected Mode) & Fanboy's TPLs HDD: Xubuntu 12.04 LTS (x64) | Firefox: ABP(Fanboy's list) & HTTPS Everywhere |
|
#3
March 5th, 2009, 01:05 PM
|
|||
|
|||
|
Re: W32/Buzus.AWL Trojan
It was an email that got past our email security device from "American Greetings" supposedly and had a file-name of "e-card.zip". I looked it up today and many antivirus programs have already updated and caught it. I am just curious as to why ESET has yet to update. I will send the file once I am on-site.
|
|
#4
March 5th, 2009, 01:12 PM
|
|||
|
|||
|
Re: W32/Buzus.AWL Trojan
Those messages have been getting deleted by the Outlook filter at my site for over a week now (first saw them on the 25th). They were detected as a variant of Win32/Merond.C.
|
|
#5
March 5th, 2009, 01:15 PM
|
|||
|
|||
|
Re: W32/Buzus.AWL Trojan
Here is an article on the virus. http://www.plixer.com/blog/tag/e-cardzip/
What I would like to know is why a no-name blogger has information (technical information) about the virus on February 27th, 2009 and ESET, 5 days later, did not catch this at all and 5 people on my network opened the file and get hit. |
|
#6
March 5th, 2009, 01:29 PM
|
|||
|
|||
|
Re: W32/Buzus.AWL Trojan
Again, Nod32 IS detecting this. The heuristics were picking it up on the 25th at my site and another one got picked up two days ago, this time detected with a proper signature for W32/TrojanDownloader.FakeAlert.LG trojan. You might want to go back and check the scanning options that you are using.
|
|
#7
March 5th, 2009, 01:42 PM
|
|||
|
|||
|
Re: W32/Buzus.AWL Trojan
I am 100% positive that our scanning options are correct. I also know that we are scanning emails. This got past ESET completely. Also our Exchange server is blocking these, but it appears somebody received it through their hotmail to start the outbreak. This is a new variant of a virus that is about a week old. I am just wondering when a fix will be available.
|
|
#8
March 5th, 2009, 02:34 PM
|
||||
|
||||
|
Re: W32/Buzus.AWL Trojan
From my experience I get a reply and an update <24 hours after submission.
__________________
OpenDNS with DNSCrypt SSD: Windows 8 Pro x64 | IE10 (Enhanced Protected Mode) & Fanboy's TPLs HDD: Xubuntu 12.04 LTS (x64) | Firefox: ABP(Fanboy's list) & HTTPS Everywhere |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
