CAV missed 2 Trojans

[Guest]

[rrcole]

I noticed yesterday that some weird things started happening to my computer, such as the regedit and control panels where locked out by the admin. My account has admin privilages so I suspected a virus. I ram CAV and it came up clean. I then ran some online scanners and they all got hits for a virus infection. I downloaded AVG and ran it. It tagged and removed 3 viruses Trojan Horse Generic8.jdu, Obfustat.swa and Trojan Horse Generic5.HHS.  Why did CAV not catch these?

[ganda]

hi rrcole
 
i should say CAVS is still a BETA, the detection rate ain't the best yet, and there's no AV that can detects 100% malwares out there.
could you pls send the virus/trojan sample to comodo? it will help comodo enlarge its database.

welcome to the forum
 
Ganda

[rrcole]

not to sound stupid, but how do I do that?

hi rrcole
 
i should say CAVS is still a BETA, the detection rate ain't the best yet, and there's no AV that can detects 100% malwares out there.
could you pls send the virus/trojan sample to comodo? it will help comodo enlarge its database.

welcome to the forum
 
Ganda

[ganda]

on CAVS quarantine tab, there's a "submit files" button. then browse & send the suspected file.
and you can email the samples too, but i forgot the email address  (now THIS is sound stupid  ), maybe someone know it? help me please.

P.S. and what about the CAVS HIPS, it doesn't give any warning when these trojans execute?

Ganda

[Little Mac]

You can email them to: malwaresubmit [ at ] avlab.comodo.com .
You may want to specify in the subject line "possible malware" for clarity's sake.
Compress to a zip archive and password protect with "infected" - including that information in the body.

All of this, of course, is predicated on you still having a copy of the malware.  AVG probably has them in its quarantine.

LM

[MJ1988]

Every Antivirus is different. They all have different virus definitions, same for spyware.

Those trojans could have been false positives, AVG is notorious for detecting them.

[Burillo]

maybe you could try some other online scanners - like Trend Micro Housecall or KAV online scanner...

PS definitely not a false positive.

[xergxies]

happen to me also today... my registry, folder option, task manager and cmd been disable after inserting my friend thumb drive. Even i block when CAV HIPS tell me there's a program execution when i insert the thumb drive, the virus still manage to attack. maybe because i leave HIPS to default setting. Already submit the file to comodo lab.. hope it will include in database soon.

Been using beta for about a month and i never encounter technical problem such as BSOD and lock program. No problem while uninstalling also. Hope CAV will get better after leave beta.

For now i change back using Avast! Thanks to Avast! boot time scan i manage to get rid all 300+ virus which some of them reside in memory and can't delete while Windows run. Looking forward to CAV 3..
 

[3xist]

Locked.

Reason: Out-Dated post.

Josh

[Tags:]