Symantec shines

Symantec shines
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Anti-Virus Software    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Symantec shines Jari Lehtonen 06-29-2005
Posted by Jari Lehtonen on June 29, 2005, 10:26 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I sent a known infected file tha was spammed here in usenet yesterday
to jotti.org and virustotal.com online scanners. All other AV's than
Symantec found the infection. Virus names were quite different though.


AntiVir 6.31.0.7 06.29.2005 W32/Xorala
Avira 6.31.0.7 06.29.2005 W32/Xorala
BitDefender 7.0 06.29.2005 Win32.Swen.A@mm
ClamAV devel-20050501 06.29.2005 Worm.Gibe.F
DrWeb 4.32b 06.29.2005 Win32.HLLM.Gibe.2
eTrust-Iris 7.1.194.0 06.28.2005 Win32/Valla.2048
eTrust-Vet 11.9.1.0 06.29.2005 Win32.Valla.2048
Fortinet 2.36.0.0 06.29.2005 W32/Valla.A
Ikarus 2.32 06.28.2005 Email-Worm.Win32.Swen.A
Kaspersky 4.0.2.24 06.29.2005 Virus.Win32.Xorala
McAfee 4523 06.28.2005 W32/Valla.a
NOD32v2 1.1157 06.28.2005 Win32/Xorala.A
Norman 5.70.10 06.28.2005 W32/Valla.2048
Panda 8.02.00 06.28.2005 W32/Valla.2048
Sybari 7.5.1314 06.29.2005 I-Worm.Swen.A1

Symantec 8.0 06.29.2005 no virus found

TheHacker 5.8.2.062 06.29.2005 W32/Valla.A
VBA32 3.10.4 06.28.2005 Win32.Xoralda.2048
ArcaVir Found Worm.Swen
Avast Found Win32:Swen
AVG Antivirus Found Win32/Valla.2048
F-Prot Antivirus Found W32/Harmony.A




Posted by David H. Lipman on June 29, 2005, 2:14 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| I sent a known infected file tha was spammed here in usenet yesterday
| to jotti.org and virustotal.com online scanners. All other AV's than
| Symantec found the infection. Virus names were quite different though.
|
| AntiVir 6.31.0.7 06.29.2005 W32/Xorala
| Avira 6.31.0.7 06.29.2005 W32/Xorala
| BitDefender 7.0 06.29.2005 Win32.Swen.A@mm
| ClamAV devel-20050501 06.29.2005 Worm.Gibe.F
| DrWeb 4.32b 06.29.2005 Win32.HLLM.Gibe.2
| eTrust-Iris 7.1.194.0 06.28.2005 Win32/Valla.2048
| eTrust-Vet 11.9.1.0 06.29.2005 Win32.Valla.2048
| Fortinet 2.36.0.0 06.29.2005 W32/Valla.A
| Ikarus 2.32 06.28.2005 Email-Worm.Win32.Swen.A
| Kaspersky 4.0.2.24 06.29.2005 Virus.Win32.Xorala
| McAfee 4523 06.28.2005 W32/Valla.a
| NOD32v2 1.1157 06.28.2005 Win32/Xorala.A
| Norman 5.70.10 06.28.2005 W32/Valla.2048
| Panda 8.02.00 06.28.2005 W32/Valla.2048
| Sybari 7.5.1314 06.29.2005 I-Worm.Swen.A1
|
| Symantec 8.0 06.29.2005 no virus found
|
| TheHacker 5.8.2.062 06.29.2005 W32/Valla.A
| VBA32 3.10.4 06.28.2005 Win32.Xoralda.2048
| ArcaVir Found Worm.Swen
| Avast Found Win32:Swen
| AVG Antivirus Found Win32/Valla.2048
| F-Prot Antivirus Found W32/Harmony.A
|

One of the *biggest* problems in the idustry is the naming convention problem. {
sigh }

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm




Posted by Mal on June 30, 2005, 8:34 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Jari Lehtonen wrote:
> I sent a known infected file tha was spammed here in usenet yesterday
> to jotti.org and virustotal.com online scanners. All other AV's than
> Symantec found the infection. Virus names were quite different though.
>



From looking at this, it appears the file was a standard W32/Swen.A@MM
executable (also known as Gibe) which was then infected with a parasitic
virus known as Valla/Xorala.

Interesting Symantec missed it.


Posted by Roger Wilco on June 29, 2005, 7:25 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Jari Lehtonen wrote:
> > I sent a known infected file tha was spammed here in usenet
yesterday
> > to jotti.org and virustotal.com online scanners. All other AV's than
> > Symantec found the infection. Virus names were quite different
though.
> >
>
>
>
> From looking at this, it appears the file was a standard
W32/Swen.A@MM
> executable (also known as Gibe) which was then infected with a
parasitic
> virus known as Valla/Xorala.
>
> Interesting Symantec missed it.

I was thinking the same thing. I wonder if it (they) were viable. Is the
posted subject "Symantec shines" an indication that Jari agrees with
Symantec's findings?




Posted by Jari Lehtonen on July 2, 2005, 11:34 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On Wed, 29 Jun 2005 19:25:23 -0400, "Roger Wilco"

>I was thinking the same thing. I wonder if it (they) were viable. Is the
>posted subject "Symantec shines" an indication that Jari agrees with
>Symantec's findings?
>
I was trying to be sarcastic. Such a big name as Symantec being the
only one not recognizing this infection is really a major disaster.
SAV is considered in this group a decent av (opposite to Norton av),
but not finding swen is not very convincing.
Jari


Similar ThreadsPosted
is there a Symantec NG ? January 16, 2006, 9:08 am
Symantec December 30, 2006, 2:29 pm
Apology to Symantec March 27, 2006, 9:47 am
Mcafee vs Symantec April 29, 2007, 10:34 pm
symantec query April 12, 2008, 3:07 pm
I need to choose between symantec and CA.. June 2, 2008, 5:14 pm
How is Symantec doing with XPAntivirus? See for yourself. August 31, 2008, 11:42 am
Anfrage zu NAV: Symantec NetDetect June 17, 2005, 3:54 pm
Kaspersky Vs. Norton/Symantec June 17, 2005, 12:20 pm
There were no new updates available for any of your Symantec products. July 15, 2005, 5:41 pm

The site map in XML format XML site map

Contact Us | Privacy Policy