SAS Misses Detection of Worm-Win32/Winko.A

Discussion in 'other anti-malware software' started by irrationalgeek, Aug 14, 2007.

Thread Status:
Not open for further replies.
  1. irrationalgeek

    irrationalgeek Registered Member

    Joined:
    Jul 18, 2007
    Posts:
    35
    Last edited: Aug 14, 2007
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,007
    hello irrationalgeek,
    why dont you submit a support ticket?
    http://www.superantispyware.com/csrcreateticket.html
    does kaspersky detect that worm?
    if not can you please sent it to kaspersky so they can update there bases.
    the email address is below.
    newvirus[AT]kaspersky.com
    it might already be the in kaspersky definitions already thou.
    has that worm infected your computer?
    lodore
     
  3. irrationalgeek

    irrationalgeek Registered Member

    Joined:
    Jul 18, 2007
    Posts:
    35
    Yes. I've submitted a support ticket, thing is the infection is on a computer that I just can't get to right now. :doubt:

    If I could I'd do a scan with Kaspersky on it too.
     
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,007
    oh i understand the situation now.
    even drweb cure it might be able to remove it
    link in my sig.
    shame avptool isnt final yet.
    lodore
     
  5. irrationalgeek

    irrationalgeek Registered Member

    Joined:
    Jul 18, 2007
    Posts:
    35
    Completed online diagnostic. Now waiting to see if there are new signatures that enable SAS to remove this annoying worm. :eek:
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I used SAS some time ago and I noticed its worm detection was not so good( very brief experience). Can anybody confirm this?
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Don't forget even though SAS picks up even some databased viruses/worms, it is NOT an Anti-Virus. Your AV should have alerted to it and even a HIPS! will jump up an ALERT on anything strange or new.

    Regards EASTER
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    In my experience, worms are most common threat in the area I live, esp the USB worms. It,s nice to have an added layer for them. I am saying it for ordinary users who use only signature based security. I someimes install AV for some of people who don,t know anything about malware and I thought of adding SAS free but it lacks worms/ trojan detection. AVG AS detects most worms/ trojans so I will prefer that for ordinary users.

    I am not sure about BOClean but it too lacks detection of worms I think. Anyone?

    In the end, I have no choice except for an AV only when I have to set-up free security for an ordinary user. They can,t use non-sig based security. Even the popup of an AV might be confusing for them.

    Personally If my AV does miss a worm, no problems, I am sure I can catch it via my Sandbox/ HIPS/ CH etc.
     
  9. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Never come in contact with worms at least not that i know off but seen many trojans and offcourse spyware on others pc's.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I think it depends upon the location one lives.
    In my area I see Brontok USB worm very common with some other worms and trojans.
     
  11. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Kind of common spread malware depends on culture? :p
     
  12. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
  13. irrationalgeek

    irrationalgeek Registered Member

    Joined:
    Jul 18, 2007
    Posts:
    35
    :D Also have a license of CS so I installed it and got rid of the worm. Hope the updated signatures with removal of Winko.A are close though. :'(
     
Loading...
Thread Status:
Not open for further replies.