New msn worm - No Heuristic detection

Discussion in 'NOD32 version 2 Forum' started by jg88swe, Feb 24, 2005.

Thread Status:
Not open for further replies.
  1. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    Hey
    NEW MSN WORM

    Message looks like this:
    Code:
    *** URGENT *** Download the latest patch from http://msnupdate.***.com/ to prevent getting infected by W32.Bropia.C.
    
    No Heuristic detection :(
     

    Attached Files:

    • 1231.gif
      1231.gif
      File size:
      11.3 KB
      Views:
      638
  2. r3l4x

    r3l4x Registered Member

    Joined:
    Jun 6, 2004
    Posts:
    19
    IM-Worm.Win32.Kelvir.a

    Added in the next updates of KAV ;)
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Can you please forward this to samples@eset.com

    Cheers :D
     
  4. r3l4x

    r3l4x Registered Member

    Joined:
    Jun 6, 2004
    Posts:
    19
    done ;)
     
  5. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    i dont thinks its any use to send something to ESET!
    All my emails have been ignored for the last half-year with no replys so i dont do that anymore ;)

    If not anyone can supply me with a WORKNIG adress, or a direct adress to a virus anylizer...

    got about 10 common trojans in my virussample that NOD32 dont detect, but they just ignore it ;)
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Guys,
    the sample is going to be added to the next update. It's beyond us to reply to every single email given that we are being deluged with samples. The samples are added on a per-need basis which means ITW samples are added instantly whereas the rest will be added at a later time.
     
  7. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    Well, i think you should hire someone that only replys on emails then :p Kaspersky semse to manage it pritty well...

    And if i mail Support i get no awnser there either, like that TrojanDownloader.⓴汫8৹Ỡϛ with the weird name... it havent been fixed and it havent been replyed...
    When AMON scans that file the computer will shutdown without a warning first time. Thats a major bug i think, but just ignored as the rest
     
  8. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Added in 1.1008 as Win32/Kelvir.A.
     
  9. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,108
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,044
    Location:
    Texas
  11. ASSNeeded

    ASSNeeded Guest

    The as needed addition is really stupid.
    I wonder how many people got infected with a trojan that was not detected by NOD32 but it was at the hands of the Malware analyzer for weeks.
    I guess the person that got infected does not really like the idea that NOD32 deemed the detection of that strain as "not yet needed".


    We need to produce more Smalpox Vaccine!!!
    No it's NOT NEEDED yet.

    (Huge smallpox outbreak, 50000 people die).

    HEY we got the vaccine now since it's needed, but the 50K people that could have been saved and weren't well I guess "bad luck".



    P.S.
    How about all the people who had their Identity stolen because that specific strain was not thought to be ITW so it "wasn't needed"?
    Maybe the reason why it wasn't ITW since it was a lab only thing that a specific hacker decided to use as a pet project in order to infect a specific system (but somehow NOD32 tech got the strain...but decided that since it's not ITW then it's not needed).
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.