safe or not?

badgolferman

From http://virusscan.jotti.org/

File: Servant.Salamander.v2.50.RC2-rG.zip
Status: INFECTED/MALWARE
MD5 75dc0859df4a4bcd9e35bc3830f3efa3
Packers detected: PE_PATCH.UPX, UPX
Scanner results
AntiVir Found Heuristic/Malware (probable variant)
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found Trojan.Downloader.Zlob.AZV
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
NOD32 Found nothing
Norman Virus Control Found nothing
VirusBuster Found nothing
VBA32 Found nothing

-----------------------

Additional information:
http://www.virustotal.com/en/indexf.html

Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 DR/Zlob.Gen
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.27.2006 Downloader.Zlob.DX
BitDefender 7.2 11.27.2006 Trojan.Downloader.Zlob.AZV
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.27.2006 suspicious
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 Trojan-Downloader.Win32.Zlob.aof
Kaspersky 4.0.2.24 11.27.2006 Trojan-Downloader.Win32.Zlob.ban
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.27.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 no virus found
Prevx1 V2 11.27.2006 Trojan.Zlob.Gen
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.124 11.27.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 no virus found
VirusBuster 4.3.15:9 11.26.2006 no virus found
 
Virus Guy

badgolferman said:
File: Servant.Salamander.v2.50.RC2-rG.zip
Status: INFECTED/MALWARE
MD5 75dc0859df4a4bcd9e35bc3830f3efa3
Packers detected: PE_PATCH.UPX, UPX

BitDefender Found Trojan.Downloader.Zlob.AZV
F-Secure Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
AntiVir 7.2.0.46 11.26.2006 DR/Zlob.Gen
AVG 386 11.27.2006 Downloader.Zlob.DX
eSafe 7.0.14.0 11.26.2006 suspicious Trojan/Worm
Ikarus 0.2.65.0 11.24.2006 Trojan-Downloader.Win32.Zlob.aof
Prevx1 V2 11.27.2006 Trojan.Zlob.Gen

Where did you get the file?

Probably from here:

http://nzbmatrix.com/nzb-details.php?id=40602

Heh. Do a google search for this:

Servant.Salamander.v2.50.

Google gives a warning on the first result:

http://www.google.ca/interstitial?u...er+v2.5_crack_keygen_serial_nocd_cracked.html

"Warning - visiting this web site may harm your computer!"

Since the file you have is a .zip, why don't you try unzipping it to
its own directory and then submit the internal files separately to
VirusTotal and see which one is viral.
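
Added example, not part of the original thread: one way to do the per-file triage suggested above without unpacking anything to disk. It hashes each zip member in memory and flags PE files whose section names begin with UPX, the packer Jotti reported; the sample archive and all function names are constructed for illustration.

```python
import hashlib, io, struct, zipfile

def pe_section_names(body):
    """Section names of a PE image, or None if body is not PE-shaped."""
    if len(body) < 0x40 or body[:2] != b"MZ":
        return None
    pe_off = struct.unpack_from("<I", body, 0x3C)[0]          # e_lfanew
    if body[pe_off:pe_off + 4] != b"PE\0\0" or len(body) < pe_off + 24:
        return None
    # NumberOfSections ... SizeOfOptionalHeader from the COFF header
    count, _, _, _, opt = struct.unpack_from("<HIIIH", body, pe_off + 6)
    table = pe_off + 24 + opt                                 # section table start
    raw = [body[table + 40 * i:table + 40 * i + 8] for i in range(count)]
    return [r.rstrip(b"\0").decode("ascii", "replace") for r in raw if len(r) == 8]

def triage_zip(data, max_bytes=64 * 1024 * 1024):
    """Hash each archive member in memory; nothing is written to disk or run."""
    rows = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            row = {"name": info.filename, "size": info.file_size}
            if info.flag_bits & 0x1 or info.file_size > max_bytes:
                row["skipped"] = "encrypted or oversized member"
            else:
                body = zf.read(info)
                names = pe_section_names(body)
                row["md5"], row["sha256"] = (hashlib.new(a, body).hexdigest() for a in ("md5", "sha256"))
                row["pe"] = names is not None
                row["upx"] = any(n.startswith("UPX") for n in names or [])
            rows.append(row)
    return rows

def constructed_pe(sections):
    """Constructed, inert PE-shaped header bytes (no code) used as sample input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0)
    return dos + coff + b"".join(s.encode().ljust(40, b"\0") for s in sections)

def build_sample_zip():  # constructed archive, not a real sample
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.nfo", b"constructed text member")
        zf.writestr("setup.exe", constructed_pe(["UPX0", "UPX1", ".rsrc"]))
        zf.writestr("plain.exe", constructed_pe([".text", ".data"]))
    return buf.getvalue()

if __name__ == "__main__":
    print(*triage_zip(build_sample_zip()), sep="\n")
```

The per-member hashes can be looked up or the flagged member submitted on its own; a UPX section name only says the file is packed, not that it is malicious, and section names can be renamed.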
 
David H. Lipman

From: "badgolferman" <[email protected]>

| From http://virusscan.jotti.org/
|
| File: Servant.Salamander.v2.50.RC2-rG.zip
| Status: INFECTED/MALWARE
| MD5 75dc0859df4a4bcd9e35bc3830f3efa3
| Packers detected: PE_PATCH.UPX, UPX
| Scanner results
| AntiVir Found Heuristic/Malware (probable variant)
| ArcaVir Found nothing
| Avast Found nothing
| AVG Antivirus Found nothing
| BitDefender Found Trojan.Downloader.Zlob.AZV
| ClamAV Found nothing
| Dr.Web Found nothing
| F-Prot Antivirus Found nothing
| F-Secure Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
| Fortinet Found nothing
| Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Zlob.ban
| NOD32 Found nothing
| Norman Virus Control Found nothing
| VirusBuster Found nothing
| VBA32 Found nothing

No ZLob Trojan is safe !
 
badgolferman

David said:
No ZLob Trojan is safe !

What am I to make of all the other programs not tagging it as malware,
especially NOD32 which is what I have on my system?
 
David H. Lipman

From: "badgolferman" <[email protected]>


|
| What am I to make of all the other programs not tagging it as malware,
| especially NOD32 which is what I have on my system?

Submit it !

There are new ZLob Trojan variants being generated on a periodic and regular basis. When an
AV vendor does come up with a Heuristic detection, the author(s) change the installer
enough to thwart it and the process begins again.

Here's a page full of submission addresses.
http://www.ik-cs.com/v2/suspicious-files.htm
 
Bullwinkle

David H. Lipman said:
From: "badgolferman" <[email protected]>


|
| What am I to make of all the other programs not tagging it as malware,
| especially NOD32 which is what I have on my system?

Submit it !

There are new ZLob Trojan variants being generated on a periodic and regular basis. When an
AV vendor does come up with a Heuristic detection, the author(s) change the installer
enough to thwart it and the process begins again.

Here's a page full of submission addresses.
http://www.ik-cs.com/v2/suspicious-files.htm


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Zlob is a real problem. It took me 3 days to track it down and finally get
rid of it. Counterspy finally got it out.

Now I scan everything I download before I install. Found another one tonight
piggybacking on a file that I downloaded.

David you are right: scan everything.

Regards,
 
David H. Lipman

From: "Bullwinkle" <[email protected]>


|
| Now I scan everything I download before I install. Found another one tonight
| piggybacking on a file that I downloaded.
|
| David you are right: scan everything.
|
| Regards,
|

You'd be surprised what's out there.
I recently found an IRC Trojan infected with a Parite virus. :)
 
Bullwinkle

David H. Lipman said:
From: "Bullwinkle" <[email protected]>


|
| Now I scan everything I download before I install. Found another one tonight
| piggybacking on a file that I downloaded.
|
| David you are right: scan everything.
|
| Regards,
|

You'd be surprised what's out there.
I recently found an IRC Trojan infected with a Parite virus. :)

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Hi Dave,

Thanks for all the help you've been all the time.

Is there any anti-spy program that is high and above all the others?

I've been wanting to try Kaspersky-Pcllian but it tells me I have to
uninstall several of the programs I'm running now and I don't want to do
that.

Regards,
 
David H. Lipman

From: "Bullwinkle" <[email protected]>


|
| Thanks for all the help you've been all the time.
|
| Is there any anti-spy program that is high and above all the others?
|
| I've been wanting to try Kaspersky-Pcllian but it tells me I have to
| uninstall several of the programs I'm running now and I don't want to do
| that.
|
| Regards,
|


Thanx for that :)

The *most* important thing is practicing Safe Hex.

You can't have BOTH Kaspersky and PC-Cillin installed simultaneously. Kaspersky is better.
NOD32 is high on the list and so is Avira anti virus software.

As for non-viral anti spyware applications, I suggest SuperAntiSpyware.
http://www.superantispyware.com/superantispywarefreevspro.html
 
