Virus Sample!!!

Hi… Comodo team.
Here i submit the virus sample (3 files attached, password: virus) to this forum. Because CAVS with Virus Database version: cannot detect it. AntiVir PE detected as ‘TR/Crypt.CFI.Gen’.
Sorry if i submit in the wrong room because i cannot find sticky thread to submit suspect virus.
Thank you.

hi big ben (:WAV)
are you indonesian? maybe PCmedia AV can detects it? you can submit the sample via CAVS quarantine menu

Hi… Ganda. Yes I am Indonesian. :SMLR
Thx ur advice. Yes i submitted thru CAVS.
I can say that most of indonesian virus cannot be detected by CAVS. That’s why if possible i’d like to submit for them to analyse.

While we appreciate your intentions, please do not post live virus samples on this public forum.

Please submit the samples thourgh the CAVS File Submission function in future.

Thanks in advance,
Ewen :slight_smile:

Yes sir mod panic…
Next time i will know, thx for ur editing post.

Today CAVS v2.0.17.58 with virus database version already can detect as ‘Worm.W32.VB.jr’, cannot be disinfect but quarantined it.

Thx comodo research lab for fast action.

N.B.: I do not dare to infect to myself so I am sorry that I cannot tell you now the symptom of infection.

well you can try infecting a sandbox and see what files does it change… or infect a Virtual Machine, that’s how i used to do… pretty effective - create a snapshot with the program like Ashampoo Uninstaller, infect and then create snapshot again and find the difference :-))

No problems - thanks for helping.

Ewen :slight_smile: