Heads up! Norton/Yahoo doesn't identify this Beagle infection

  • Thread starter Thread starter Kevin
  • Start date Start date
K

Kevin

I received a file named 'Joke.com' today - obviously a virus - that
neither NAV with the 19/05/04 definitions, nor Yahoo online scanner
(coincidently supplied by Norton?) identified.

I've made a submission to Norton, I don't know whether they're worried
about missing the odd file though.
 
Kevin said:
I received a file named 'Joke.com' today - obviously a virus -
Click to expand...

Obviously.....something suspicious, but settling on "virus" is a bit
premature. It could be *anything*. How did you determine that
it was a Beagle variant?
that neither NAV with the 19/05/04 definitions, nor Yahoo online
scanner (coincidently supplied by Norton?) identified.
Click to expand...

It could be a new *anything*, or a nothing (I suspect an *anything*).
I've made a submission to Norton,
Click to expand...

Good, I would say that this is the best course of action for you to
take. I hope that they don't disappoint you with their response.
I don't know whether they're worried about missing the odd file
though.
Click to expand...

If it is indeed something new that they should detect, then they
should be happy to have had it submitted to them by you. This
is how many malicious files get noticed (especially trojans).

Do let us know what Norton had to say about your submission
won't you?
 
Kevin said:
I received a file named 'Joke.com' today - obviously a virus - that
neither NAV with the 19/05/04 definitions, nor Yahoo online scanner
(coincidently supplied by Norton?) identified.

I've made a submission to Norton, I don't know whether they're worried
about missing the odd file though.
Click to expand...
I had a a few get thru Norton. Got fed up and installed NOD32... been
very happy ever since.
 
FromTheRafters said:
Obviously.....something suspicious, but settling on "virus" is a bit
premature. It could be *anything*. How did you determine that
it was a Beagle variant?
Click to expand...

I didn't give you all the information that I had. I had the history, I
saw the effects, I monitored the processes... (And I sent it to my
server, which is running Trend, which identified it!)
It could be a new *anything*, or a nothing (I suspect an *anything*).
Click to expand...

It was an 'anything', as the new, released today, NAV download
confirms.
Good, I would say that this is the best course of action for you to
take. I hope that they don't disappoint you with their response.
Click to expand...

The response was entirely automatic, and didn't address the concern,
which was that my anti virus was not identifying the file as infected.
That's why I said:
If it is indeed something new that they should detect, then they
should be happy to have had it submitted to them by you. This
is how many malicious files get noticed (especially trojans).

Do let us know what Norton had to say about your submission
won't you?
Click to expand...

They said this:

--------------------------------------------------------------------------

We have analyzed your submission. The following is a report of our
findings for each file you have submitted:

filename: Joke.com
machine: AVCAutomation:
result: This file is infected with W32.Beagle.X@mm

Developer notes:
Joke.com is W32.Beagle.X@mm. For more information, please visit
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]


The current monthly definitions are capable of detecting and repairing
this virus. Please update your definitions by clicking the
"LiveUpdate"
button in your NAV program.

Should you have any questions about your submission, please contact
your regional technical support from the Symantec website and give
them
the tracking number in the subject of this message.

--------------------------------------------------------------------------

For the record, I had already updated the definitions, although I'm
not in control of the Yahoo antivirus engine. I did try and find a
link to a person in the 'regional technical support from the Symantec
website' without success. Today, both the NAV on the machine in
question, and the Yahoo scan, were identifying this file correctly.
This was after the automatic update had been applied, presumably in
both places.
 
There are a zillion viruses that norton dosent detect.Norton is the absolute
worse virus scanner there is IMO
"
 
Kevin said:
I didn't give you all the information that I had. I had the history, I
saw the effects, I monitored the processes... (And I sent it to my
server, which is running Trend, which identified it!)
Ahhh!

The response was entirely automatic, and didn't address the concern,
which was that my anti virus was not identifying the file as infected.
Click to expand...

People submit files for different reasons, it seems to me that they would
be concerned about a file submitted because it *should* have been a
detectable (known) variant. Perhaps they misunderstood your motive.
For the record, I had already updated the definitions, although I'm
not in control of the Yahoo antivirus engine. I did try and find a
link to a person in the 'regional technical support from the Symantec
website' without success. Today, both the NAV on the machine in
question, and the Yahoo scan, were identifying this file correctly.
This was after the automatic update had been applied, presumably in
both places.
Click to expand...

Perhaps others had brought this to their attention as well, and they
made corrections to their definitions.

It just goes to show that even known malware can sometimes get
through, and illustrates the importance of other tools (like brains)
being put to good use.
 
someone calling you that dog that follows someone around
or, basically you aint worthy
or talkin bout themselves

cause i do sure know that beagle virus, very well
 
and even thought the antivirus people came back and said there was a fix,
download here.. which one specifically cause none came back saying the virus
was fixed or even there..
and that beagle came back another day
..pif too
 
Back
Top