NOD32 and VBA32 miss new Bagle Variant

Discussion in 'other anti-virus software' started by Kye-U, Sep 12, 2005.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    http://www.dslreports.com/forum/remark,14346909

    :'(
     
  2. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Never mind, NOD32 does detect it xD
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I checked the file at Jotti's when there were only 2 AVs that detected it; KAV was not among them. Anyway, it was only a dropper, and the subsequently dropped file was flagged as Bagle.BI, so it wasn't actually a severe threat.
     
  4. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    I had this one show up in my inbox yesterday too as price.zip. I'm also seeing lots of Padobot (aka Korgo) worms showing up.

    Ned
     
    Last edited: Sep 13, 2005
  5. Dimka

    Dimka Registered Member

    Joined:
    Apr 14, 2005
    Posts:
    5
    Location:
    Minsk, Belarus
    It was detected by the VBA32 heuristic on level 3 ("excessive"), but the scanner on Jotti's site is configured to use level 2. You can scan your files using our online scanner at http://anti-virus.by/check/ (sorry, only in Russian so far); it's configured to use level 3 of the heuristic analyzer.
     
  6. SDS909

    SDS909 Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    333
    Important point, and one of the reasons why VBA32 tests so high in my own testing: I use aggressive heuristics. Also, I've noticed Jotti uses the Linux version, which I think makes a difference; he really should be running Windows versions of all products.

    VBA32 does exceptionally well on outbreak detections we run here. One of the few, if not the only one, to offer Zero-Hour protection for tons of threats. (Once again, based on experiences in this specific lab.)
     
  7. Az7

    Az7 Guest

    100% true, Paranoia heuristics in VBA32 is impressive!
     