Does AVG detect virus based on a heuristic model where it finds Virus
like behaviors. It may not know which virus it is but it knows it is
acting like a virus.
I believe that NOD32 and Blink find things this way as well as by definitions.
On Feb 4, 2008 11:29 AM, Richard P. <[EMAIL PROTECTED]> wrote:
> This morning, AVG scan found what it says is a trojan horse downloader.
> When I asked for more details, it said it didn't exist in its database.
> I went ahead and healed it but wonder what it is and whether or not it
> is a false positive.
>
> Details:
> AVG Free Edition Resident Shield
> Threat Detected!
> While opening file:
> C:\System Volume
> Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP47\A0014445.exe
> Trojan horse Downloader.VB.AXO
>
> It also found a change, file: shell32.dll in C:\WINDOWS\system32\shell32.dll
>
> I haven't been able to find any real info on the trojan. Any input will
> be greatly appreciated.
>
> Thanks in advance,
>
> Richard P.
>
>
> ************************************************************************
> * ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <==
> * ==> the body of an email & send 'em to: [EMAIL PROTECTED] <==
> * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name
> * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST
> * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L
> * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress
> * Need more help? Send mail to: [EMAIL PROTECTED]
> ************************************************************************
> * List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l
> * List archive at www.mail-archive.com/[email protected]/
> * RSS at www.mail-archive.com/[email protected]/maillist.xml
> * Messages bearing the header "X-No-Archive: yes" will not be archived
> ************************************************************************
>
--
John Duncan Yoyo
-------------------------------o)
************************************************************************
* ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <==
* ==> the body of an email & send 'em to: [EMAIL PROTECTED] <==
* Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name
* Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST
* Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L
* New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress
* Need more help? Send mail to: [EMAIL PROTECTED]
************************************************************************
* List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l
* List archive at www.mail-archive.com/[email protected]/
* RSS at www.mail-archive.com/[email protected]/maillist.xml
* Messages bearing the header "X-No-Archive: yes" will not be archived
************************************************************************
