NOD2 and VBA32 miss new Bagle Variant

Discussion in 'other anti-virus software' started by Kye-U, Sep 12, 2005.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    http://www.dslreports.com/forum/remark,14346909

    :'(
     
  2. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Never mind, NOD32 does detect it xD
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    I checked the file at Jotti's when there were only 2 AV that detected it, KAV was not among them. Anyway, it was only a dropper and subsequently dropped file was flagged as Bagle.BI, so it wasn't actually a severe threat.
     
  4. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    I had this one show up in my inbox yesterday too as price.zip. I'm also seeing lots of Padobot (aka Korgo) worms showing up.

    Ned
     
    Last edited: Sep 13, 2005
  5. Dimka

    Dimka Registered Member

    Joined:
    Apr 14, 2005
    Posts:
    5
    Location:
    Minsk, Belarus
    It was detected by VBA32 heuristic on level 3 ("excessive") , but scanner on Jotti's site is configured to use level 2. You can scan your files using our online scanner at http://anti-virus.by/check/ (sorry, but only in russian yet), it's configured to use level 3 of heuristics analyzer.
     
  6. SDS909

    SDS909 Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    333
    Important point, and one of the reasons why VBA32 tests so high in my own testings, I use aggressive heuristics. Also i've noticed Jotti uses Linux version, which I think makes a difference, he really should be running Windows versions of all products.

    VBA32 does exceptionally well on outbreak detections we run here. One of the few, if not the only - to offer Zero-Hour protection for tons of threats. (once again, based on experiances in this specific lab)
     
  7. Az7

    Az7 Guest

    100% True, Paranoia heuristics in VBA32 is impressive!.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.