Virus Sample!!!

bigben

Comodo Member

Offline

Posts: 29

Virus Sample!!!

« on: December 12, 2007, 09:22:55 PM »

Hi... Comodo team.
Here i submit the virus sample (3 files attached, password: virus) to this forum. Because CAVS with Virus Database version: 2.0.0.371 cannot detect it. AntiVir PE detected as 'TR/Crypt.CFI.Gen'.
Sorry if i submit in the wrong room because i cannot find sticky thread to submit suspect virus.
Thank you.


« Last Edit: December 13, 2007, 02:24:27 AM by panic »	Logged

OS: Win Vista Business x32 SP2 & CIS 3.13.121240.574

ganda claus

soya's mentor
Global Moderator
Comodo's Hero

Offline

Posts: 5638

ho ho ho

Re: Virus Sample!!!

« Reply #1 on: December 12, 2007, 09:56:29 PM »

hi big ben Wave

are you indonesian? maybe PCmedia AV can detects it? you can submit the sample via CAVS quarantine menu


	Logged

bigben

Comodo Member

Offline

Posts: 29

Re: Virus Sample!!!

« Reply #2 on: December 12, 2007, 11:41:16 PM »

Hi... Ganda. Yes I am Indonesian. Smiler

Thx ur advice. Yes i submitted thru CAVS.
I can say that most of indonesian virus cannot be detected by CAVS. That's why if possible i'd like to submit for them to analyse.


	Logged

OS: Win Vista Business x32 SP2 & CIS 3.13.121240.574

panic

Global Moderator
Comodo's Hero

Offline

Posts: 7738

... and I say to myself, "What a wonderful world"

Re: Virus Sample!!!

« Reply #3 on: December 13, 2007, 02:31:33 AM »

Quote from: bigben on December 12, 2007, 09:22:55 PM

While we appreciate your intentions, please do not post live virus samples on this public forum.

Please submit the samples thourgh the CAVS File Submission function in future.

Thanks in advance,
Ewen :-)


	Logged

As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the Comodo Forum Policy.
If you don't like it, don't use the forum.

bigben

Comodo Member

Offline

Posts: 29

Re: Virus Sample!!!

« Reply #4 on: December 14, 2007, 01:22:58 AM »

Yes sir mod panic...
Next time i will know, thx for ur editing post.

Today CAVS v2.0.17.58 with virus database version 2.0.0.372 already can detect as 'Worm.W32.VB.jr', cannot be disinfect but quarantined it.

Thx comodo research lab for fast action.

N.B.: I do not dare to infect to myself so I am sorry that I cannot tell you now the symptom of infection.


	Logged

OS: Win Vista Business x32 SP2 & CIS 3.13.121240.574

Burillo

Computer Security Testing Group
Comodo's Hero

Offline

Posts: 324

Bunghole

Re: Virus Sample!!!

« Reply #5 on: December 14, 2007, 01:57:49 AM »

well you can try infecting a sandbox and see what files does it change... or infect a Virtual Machine, that's how i used to do... pretty effective - create a snapshot with the program like Ashampoo Uninstaller, infect and then create snapshot again and find the difference :-))