Discussion in 'other anti-virus software' started by Durad, May 19, 2006.
Done. I just forwarded the sample to you.
Is it detected by F-Prot?
That may be so, but for purposes of the posted outbreaks, heuristics DID work, and there was no update needed.
You are right however: for those AV's that have no/poor heuristics, and have to depend on timely signatures, you can be caught with your proverbial pants down.
AntiVir 188.8.131.52 05.22.2006 TR/Drop.Zlob.FK.2.A
Authentium 4.93.8 05.22.2006 no virus found
Avast 4.6.695.0 05.22.2006 no virus found
AVG 386 05.22.2006 Downloader.Zlob.AFD
BitDefender 7.2 05.22.2006 no virus found
CAT-QuickHeal 8.00 05.21.2006 no virus found
ClamAV devel-20060426 05.22.2006 no virus found
DrWeb 4.33 05.22.2006 Trojan.Popuper
eTrust-InoculateIT 23.72.14 05.21.2006 no virus found
eTrust-Vet 12.4.2221 05.22.2006 no virus found
Ewido 3.5 05.22.2006 no virus found
Fortinet 184.108.40.206 05.22.2006 W32/Zlob.AFD!tr.dldr
F-Prot 3.16c 05.22.2006 no virus found
Ikarus 0.2.65.0 05.22.2006 Trojan-Downloader.Win32.Zlob.ni
Kaspersky 220.127.116.11 05.22.2006 Trojan-Downloader.Win32.Zlob.pl
McAfee 4767 05.22.2006 no virus found
Microsoft 1.1440 05.22.2006 no virus found
NOD32v2 1.1553 05.22.2006 Win32/TrojanDownloader.Zlob.OI
Norman 5.90.17 05.22.2006 no virus found
Panda 18.104.22.168 05.22.2006 no virus found
Sophos 4.05.0 05.22.2006 no virus found
Symantec 8.0 05.22.2006 no virus found
TheHacker 22.214.171.124 05.22.2006 no virus found
UNA 1.83 05.22.2006 no virus found
VBA32 3.11.0 05.22.2006 Trojan-Downloader.Win32.Zlob.pl
These Zlob variants are getting annoying - new variants every 24 hours. You know the URLs, so why not automate collection with a simple wget script. These shouldn't need to be submitted by members of the public for AVs to obtain samples and add them if they're a priority.
Well, I've not a big experience in virus/trojan-submission , but the few times I've sent undetected files, Avira/H+BEDV were the fastest - I'm still waiting for a reply from few other companies, which are not detecting theses samples yet .. (I'm wondering if they've flagged my mails as spam indeed ).
This morning I sent an infected file ( trojan Zlob) to este & kaspersky.
They detect it now.
But I have a common sense question for now :WHAT ARE ALL THE OTHER ANTIVIRUS VENDORS DOING ?(except DrWeb).How do they protect their clients ?
Adding it later? Relax, it aint the end of the world you know..
yeah, but Bit Defender seems to be really out of the matter...out of my 7 variants of Trojan.Zlob it detects only one.
Separate names with a comma.