From: "AlexB" <[email protected]>
| Well, your post IS interesting. I will have to study it, it is very serious.
< snip >
Just to prove to you that Microsoft is inadequate, I sent some files to Virus Total.
I stated earlier that even the free Avira AntiVir was better. In the following VT reports
Microsoft's so-called AV solution caught none and AntiVir caught them all.

File rasesnet.exe received on 02.20.2008 20:10:59 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.20.0 2008.02.20 -
AntiVir 7.6.0.67 2008.02.20 TR/Vundo.Gen
Authentium 4.93.8 2008.02.20 -
Avast 4.7.1098.0 2008.02.20 -
AVG 7.5.0.516 2008.02.20 -
BitDefender 7.2 2008.02.20 -
CAT-QuickHeal 9.50 2008.02.18 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.20 -
DrWeb 4.44.0.09170 2008.02.20 -
eSafe 7.0.15.0 2008.02.20 Suspicious File
eTrust-Vet 31.3.5550 2008.02.20 -
Ewido 4.0 2008.02.20 -
FileAdvisor 1 2008.02.20 -
Fortinet 3.14.0.0 2008.02.19 -
F-Prot 4.4.2.54 2008.02.19 -
F-Secure 6.70.13260.0 2008.02.20 -
Ikarus T3.1.1.20 2008.02.20 -
Kaspersky 7.0.0.125 2008.02.20 not-a-virus:AdWare.Win32.Virtumonde.gen
McAfee 5234 2008.02.20 -
Microsoft 1.3204 2008.02.20 -
NOD32v2 2889 2008.02.20 -
Norman 5.80.02 2008.02.20 -
Panda 9.0.0.4 2008.02.20 -
Prevx1 V2 2008.02.20 Heuristic: Suspicious File With Bad Child Associations
Rising 20.32.22.00 2008.02.20 -
Sophos 4.26.0 2008.02.20 -
Sunbelt 3.0.884.0 2008.02.19 -
Symantec 10 2008.02.20 -
TheHacker 6.2.9.224 2008.02.19 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.20 -
Webwasher-Gateway 6.6.2 2008.02.20 Trojan.Vundo.Gen
Additional information
File size: 52736 bytes
MD5: 8a446c42c124761026bb83f5e7a4fe14
SHA1: 18ae34a10667a0dc6218537fddd1631c0658571d
PEiD: -
Prevx info:
http://info.prevx.com/aboutprogramtext.asp?PX5=7CA65EC8008125EFCE790028B7ED9F00D6EE0635

File wavvsnet.exe received on 02.20.2008 20:11:08 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.20.0 2008.02.20 -
AntiVir 7.6.0.67 2008.02.20 TR/Crypt.NSPM.Gen
Authentium 4.93.8 2008.02.20 -
Avast 4.7.1098.0 2008.02.20 -
AVG 7.5.0.516 2008.02.20 Downloader.Zlob.RZ
BitDefender 7.2 2008.02.20 -
CAT-QuickHeal 9.50 2008.02.18 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.20 -
DrWeb 4.44.0.09170 2008.02.20 Trojan.DownLoader.47332
eSafe 7.0.15.0 2008.02.20 suspicious Trojan/Worm
eTrust-Vet 31.3.5550 2008.02.20 -
Ewido 4.0 2008.02.20 -
FileAdvisor 1 2008.02.20 -
Fortinet 3.14.0.0 2008.02.19 -
F-Prot 4.4.2.54 2008.02.19 -
F-Secure 6.70.13260.0 2008.02.20 Suspicious:W32/Malware!Gemini
Ikarus T3.1.1.20 2008.02.20 -
Kaspersky 7.0.0.125 2008.02.20 -
McAfee 5234 2008.02.20 -
Microsoft 1.3204 2008.02.20 -
NOD32v2 2889 2008.02.20 -
Norman 5.80.02 2008.02.20 -
Panda 9.0.0.4 2008.02.20 -
Prevx1 V2 2008.02.20 Heuristic: Suspicious File With Outbound Communications
Rising 20.32.22.00 2008.02.20 -
Sophos 4.26.0 2008.02.20 Sus/ComPack
Sunbelt 3.0.884.0 2008.02.19 -
Symantec 10 2008.02.20 -
TheHacker 6.2.9.224 2008.02.19 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.20 -
Webwasher-Gateway 6.6.2 2008.02.20 Trojan.Crypt.NSPM.Gen
Additional information
File size: 158286 bytes
MD5: c8d0ba583fe5f0d4955d2f36c7e035bc
SHA1: 546b09f554c001c4f830a6e2d0e9c39f43c1c5c2
PEiD: -
packers: EXECryptor
packers: Execryptor
Prevx info:
http://info.prevx.com/aboutprogramtext.asp?PX5=3E08D1CD4E5FEF3D6AC5021B0D735B005162530A

File xpre.exe received on 02.20.2008 20:11:18 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.20.0 2008.02.20 -
AntiVir 7.6.0.67 2008.02.20 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.02.20 -
Avast 4.7.1098.0 2008.02.20 -
AVG 7.5.0.516 2008.02.20 -
BitDefender 7.2 2008.02.20 -
CAT-QuickHeal 9.50 2008.02.18 (Suspicious) - DNAScan
ClamAV 0.92.1 2008.02.20 -
DrWeb 4.44.0.09170 2008.02.20 -
eSafe 7.0.15.0 2008.02.20 Suspicious File
eTrust-Vet 31.3.5550 2008.02.20 -
Ewido 4.0 2008.02.20 -
FileAdvisor 1 2008.02.20 -
Fortinet 3.14.0.0 2008.02.19 -
F-Prot 4.4.2.54 2008.02.19 -
F-Secure 6.70.13260.0 2008.02.20 Trojan-Downloader.Win32.VB.axa
Ikarus T3.1.1.20 2008.02.20 Trojan-Downloader.Win32.VB.atp
Kaspersky 7.0.0.125 2008.02.20 Trojan-Downloader.Win32.VB.axa
McAfee 5234 2008.02.20 -
Microsoft 1.3204 2008.02.20 -
NOD32v2 2889 2008.02.20 -
Norman 5.80.02 2008.02.20 -
Panda 9.0.0.4 2008.02.20 -
Prevx1 V2 2008.02.20 Heuristic: Suspicious File With Outbound Communications
Rising 20.32.22.00 2008.02.20 -
Sophos 4.26.0 2008.02.20 Sus/ComPack
Sunbelt 3.0.884.0 2008.02.19 -
Symantec 10 2008.02.20 -
TheHacker 6.2.9.224 2008.02.19 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.20 -
Webwasher-Gateway 6.6.2 2008.02.20 Trojan.Crypt.XPACK.Gen
Additional information
File size: 168448 bytes
MD5: 71875edc2bbc7a7429127e9f08a44069
SHA1: 5c3c4fad821bc945da282772841212cb279485d6
PEiD: -
packers: EXECryptor
packers: Execryptor, PE_Patch.PECompact, PecBundle, PECompact
Prevx info:
http://info.prevx.com/aboutprogramtext.asp?PX5=055716090048B026924402189E95C3000E8FFC09

File yazzsnet.exe received on 02.20.2008 20:11:29 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.2.20.0 2008.02.20 -
AntiVir 7.6.0.67 2008.02.20 DR/Scapur.K.15
Authentium 4.93.8 2008.02.20 -
Avast 4.7.1098.0 2008.02.20 Win32:PurityScan-Q
AVG 7.5.0.516 2008.02.20 Downloader.Purityscan.Y
BitDefender 7.2 2008.02.20 Adware.Purityscan.JA
CAT-QuickHeal 9.50 2008.02.18 -
ClamAV 0.92.1 2008.02.20 Trojan.Scapur-23
DrWeb 4.44.0.09170 2008.02.20 Adware.ClickSpring
eSafe 7.0.15.0 2008.02.20 Win32.Scapur.k
eTrust-Vet 31.3.5550 2008.02.20 Win32/Clspring.HM
Ewido 4.0 2008.02.20 -
FileAdvisor 1 2008.02.20 -
Fortinet 3.14.0.0 2008.02.19 W32/Scapur.K!tr
F-Prot 4.4.2.54 2008.02.19 -
F-Secure 6.70.13260.0 2008.02.20 Trojan.Win32.Scapur.k
Ikarus T3.1.1.20 2008.02.20 -
Kaspersky 7.0.0.125 2008.02.20 Trojan.Win32.Scapur.k
McAfee 5234 2008.02.20 potentially unwanted program Adware-PurityScan
Microsoft 1.3204 2008.02.20 -
NOD32v2 2889 2008.02.20 probably a variant of Win32/TrojanDownloader.PurityScan
Norman 5.80.02 2008.02.20 PurityScan.BPZ
Panda 9.0.0.4 2008.02.20 Adware/Yazzle
Prevx1 V2 2008.02.20 Trojan.DoS.Win32.Opdos
Rising 20.32.22.00 2008.02.20 Trojan.Win32.Undef.cqb
Sophos 4.26.0 2008.02.20 -
Sunbelt 3.0.884.0 2008.02.19 -
Symantec 10 2008.02.20 Adware.Purityscan
TheHacker 6.2.9.224 2008.02.19 -
VBA32 3.12.6.1 2008.02.17 Trojan.Win32.Scapur.k
VirusBuster 4.3.26:9 2008.02.20 -
Webwasher-Gateway 6.6.2 2008.02.20 Trojan.Dropper.Scapur.K.15
Additional information
File size: 218632 bytes
MD5: 1466eca117b6d3b43a255208bd8935a3
SHA1: 76393ff09f1da36f3b90a9859eba29d2b4a4782a
PEiD: -
packers: PECompact, UPX
packers: PE_Patch.PECompact, PecBundle, PECompact
Prevx info:
http://info.prevx.com/aboutprogramtext.asp?PX5=8A78872408E73C2B563E038FE14AC6004A9897FC