safe or not?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
From http://virusscan.jotti.org /

File:  Servant.Salamander.v2.50.RC2-rG.zip  
Status:  INFECTED/MALWARE  
MD5  75dc0859df4a4bcd9e35bc3830f3efa3  
Packers detected:  PE_PATCH.UPX, UPX
Scanner results  
AntiVir  Found Heuristic/Malware (probable variant)  
ArcaVir  Found nothing
Avast  Found nothing
AVG Antivirus  Found nothing
BitDefender  Found Trojan.Downloader.Zlob.AZV  
ClamAV  Found nothing
Dr.Web  Found nothing
F-Prot Antivirus  Found nothing
F-Secure Anti-Virus  Found Trojan-Downloader.Win32.Zlob.ban  
Fortinet  Found nothing
Kaspersky Anti-Virus  Found Trojan-Downloader.Win32.Zlob.ban  
NOD32  Found nothing
Norman Virus Control  Found nothing
VirusBuster  Found nothing
VBA32  Found nothing

Re: safe or not?

badgolferman, 11/26/2006,11:17:43 PM, wrote:

Quoted text here. Click to load it

-----------------------

Additional information:
http://www.virustotal.com/en/indexf.html

Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 DR/Zlob.Gen
Authentium 4.93.8 11.24.2006  no virus found
Avast 4.7.892.0 11.23.2006  no virus found
AVG 386 11.27.2006 Downloader.Zlob.DX
BitDefender 7.2 11.27.2006 Trojan.Downloader.Zlob.AZV
CAT-QuickHeal 8.00 11.25.2006  no virus found
ClamAV devel-20060426 11.25.2006  no virus found
DrWeb 4.33 11.26.2006  no virus found
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006  no virus found
eTrust-Vet 30.3.3211 11.24.2006  no virus found
Ewido 4.0 11.26.2006  no virus found
Fortinet 2.82.0.0 11.27.2006 suspicious
F-Prot 3.16f 11.24.2006  no virus found
F-Prot4 4.2.1.29 11.24.2006  no virus found
Ikarus 0.2.65.0 11.24.2006 Trojan-Downloader.Win32.Zlob.aof
Kaspersky 4.0.2.24 11.27.2006 Trojan-Downloader.Win32.Zlob.ban
McAfee 4904 11.24.2006  no virus found
Microsoft 1.1804 11.27.2006  no virus found
NOD32v2 1882 11.24.2006  no virus found
Norman 5.80.02 11.24.2006  no virus found
Panda 9.0.0.4 11.26.2006  no virus found
Prevx1 V2 11.27.2006 Trojan.Zlob.Gen
Sophos 4.11.0 11.16.2006  no virus found
TheHacker 6.0.3.124 11.27.2006  no virus found
UNA 1.83 11.24.2006  no virus found
VBA32 3.11.1 11.26.2006  no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found

Re: safe or not?


| From http://virusscan.jotti.org /
|
| File:  Servant.Salamander.v2.50.RC2-rG.zip
| Status:  INFECTED/MALWARE
| MD5  75dc0859df4a4bcd9e35bc3830f3efa3
| Packers detected:  PE_PATCH.UPX, UPX
| Scanner results
| AntiVir  Found Heuristic/Malware (probable variant)
| ArcaVir  Found nothing
| Avast  Found nothing
| AVG Antivirus  Found nothing
| BitDefender  Found Trojan.Downloader.Zlob.AZV
| ClamAV  Found nothing
| Dr.Web  Found nothing
| F-Prot Antivirus  Found nothing
| F-Secure Anti-Virus  Found Trojan-Downloader.Win32.Zlob.ban
| Fortinet  Found nothing
| Kaspersky Anti-Virus  Found Trojan-Downloader.Win32.Zlob.ban
| NOD32  Found nothing
| Norman Virus Control  Found nothing
| VirusBuster  Found nothing
| VBA32  Found nothing

No ZLob Trojan is safe !


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: safe or not?

David H. Lipman, 11/27/2006,6:30:41 PM, wrote:

Quoted text here. Click to load it

What am I to make of all the other programs not tagging it as malware,
especially NOD32 which is what I have on my sytem?

Re: safe or not?



|
| What am I to make of all the other programs not tagging it as malware,
| especially NOD32 which is what I have on my sytem?

Submit it !

There are new ZLob Trojan variants being generated on a periodic and regular
basis.  When an
AV vendor does come up with a Heuristic detection, the author(s) change in the
installer
enough to thwart it and the processs begins again.

Here's a page full of submission addresses.
http://www.ik-cs.com/v2/suspicious-files.htm


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: safe or not?


Quoted text here. Click to load it

Now I scan everything I download before I install. Found another one tonight
piggybacking on a file that I downloaded.

David you are right: scan everything.

Regards,



Re: safe or not?



|
| Now I scan everything I download before I install. Found another one tonight
| piggybacking on a file that I downloaded.
|
| David you are right: scan everything.
|
| Regards,
|

You be surprised what's out there.
I recently found a IRC Trojan infected with a Parite virus.  :-)

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: safe or not?


Quoted text here. Click to load it

Thanks for all the help you've been all the time.

Is there any anti-spy program that is high and above all the others?

I've been wanting to try Kaspersky-Pcllian but it tells me I have to
uninstall several of the programs I'm running now and I don't want to do
that.

Regards,



Re: safe or not?



|
| Thanks for all the help you've been all the time.
|
| Is there any anti-spy program that is high and above all the others?
|
| I've been wanting to try Kaspersky-Pcllian but it tells me I have to
| uninstall several of the programs I'm running now and I don't want to do
| that.
|
| Regards,
|


Thanx for that  :-)

The *most* important thing is practicing Safe Hex.

You cabn't have BOTH Kaspersky and PC-Cillin installed simultaneously.
Kaspersky is better.
NOD32 is high on the list and so is Avira anti virus software.

As for non-viral anti spyware applications, I suggest SuperAntiSpyware.
http://www.superantispyware.com/superantispywarefreevspro.html


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline