Glad to hear itThis version works fine for me now.
2tosbsas
Thank you for your report. I have contacted with CEUM (original Deutsch translator)
Moderators: white, Hacker, petermad, Stefan2
Hi,Sombra wrote:New beta release, version 1.0 beta 6 (22.07.2008).
Download:
vTFind 1.0 beta 6 (vtfind1b6.md5)
Code: Select all
vtfind1b6.zip file received the 2008.09.18 17:22:25 (CET)
Résult: 18/36 (50%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.18 -
AntiVir 7.8.1.34 2008.09.18 -
Authentium 5.1.0.4 2008.09.18 W32/Heuristic-210!Eldorado
Avast 4.8.1195.0 2008.09.18 -
AVG 8.0.0.161 2008.09.18 Generic10.SIX
BitDefender 7.2 2008.09.18 -
CAT-QuickHeal 9.50 2008.09.17 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.09.18 -
DrWeb 4.44.0.09170 2008.09.18 -
eSafe 7.0.17.0 2008.09.18 Suspicious File
eTrust-Vet 31.6.6091 2008.09.16 -
Ewido 4.0 2008.09.18 -
F-Prot 4.4.4.56 2008.09.18 W32/Heuristic-210!Eldorado
F-Secure 8.0.14332.0 2008.09.18 W32/Packed_Upack.A
Fortinet 3.113.0.0 2008.09.18 -
GData 19 2008.09.18 -
Ikarus T3.1.1.34.0 2008.09.18 Trojan-Downloader.Win32.Zlob.and
K7AntiVirus 7.10.461 2008.09.18 Backdoor.Win32.Suspicious_U.Family
Kaspersky 7.0.0.125 2008.09.18 -
McAfee 5386 2008.09.17 -
Microsoft 1.3903 2008.09.18 -
NOD32v2 3452 2008.09.18 -
Norman 5.80.02 2008.09.18 W32/Packed_Upack.A
Panda 9.0.0.4 2008.09.18 -
PCTools 4.4.2.0 2008.09.18 Packed/Upack
Prevx1 V2 2008.09.18 System Back Door
Rising 20.62.32.00 2008.09.18 -
Sophos 4.33.0 2008.09.18 Sus/ComPack-K
Sunbelt 3.1.1645.1 2008.09.17 VIPRE.Suspicious
Symantec 10 2008.09.18 Trojan.Drondog
TheHacker 6.3.0.9.086 2008.09.18 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2008.09.18 PAK_Generic.006
VBA32 3.12.8.5 2008.09.17 -
ViRobot 2008.9.18.1381 2008.09.18 -
VirusBuster 4.5.11.0 2008.09.18 Packed/Upack
Webwasher-Gateway 6.6.2 2008.09.18 Win32.Malware.gen (suspicious)
To the author:Packed/Upack
Nothing, as long as you don't post the results publicly several months(!) after the file has been uploaded, before not having contacted the author privately first.OT What is wrong in taking precautions?
The problem is not Symantec but a combination of the usual crappy scanners which are not DETECTING viruses but instead doing wild guesses, leading to overstrained users not able anymore to decide if a file is infected or not, although the VT output shows that there is no clear detection but just noise, from "suspicious" to "Jesus Christ, I have no clue what it is, because my unpacking engine sucks but it really smells dangerous". This is worse than spam and leads nowhere.I understand that Symantec's tool might not be perfect but in such case it is better to be slave than victim.
The file had been removed already in the mid of July, weeks before it has been discussed in the forum. At that time the VT log showed infections from all but two scanners and there was almost no noise. I still have the VT log which I sent to ts4242, he had removed the file on the same day.BUT it appeared that I was right (see ts4242's response):
http://www.ghisler.ch/board/viewtopic.php?t=4914&postdays=0&postorder=asc&start=180
Not everyone keeps watching every plugin release. Some users are new and want to discuss about problems on the forum board.icfu wrote: Nothing, as long as you don't post the results publicly several months(!) after the file has been uploaded, before not having contacted the author privately first.
Well, super haxi0r users might decipher files contents but non-advanced ones learn to trust protecting applications. So if everyone advices me to use anti-virus software and this tells me that something is wrong then... you know the rest. It might be a crap sometimes but I think that in this case sharing such knowledge is good. This is the right thread in right forum. If it's not then moderators will remove invalid post. No reason for scolding yet.icfu wrote:The problem is not Symantec but a combination of the usual crappy scanners which are not DETECTING viruses but instead doing wild guesses, leading to overstrained users not able anymore to decide if a file is infected or not, although the VT output shows that there is no clear detection but just noise, from "suspicious" to "Jesus Christ, I have no clue what it is, because my unpacking engine sucks but it really smells dangerous". This is worse than spam and leads nowhere.
I know but I downloaded this archive and maybe someone else too. For various reasons: you don't always need to have the newest versions or you just might be curious.icfu wrote:The file had been removed already in the mid of July, weeks before it has been discussed in the forum. At that time the VT log showed infections from all but two scanners and there was almost no noise. I still have the VT log which I sent to ts4242, he had removed the file on the same day.
You can trust Kaspersky (I don't) or the others. Or you can ask someone who knows better.icfu wrote:As a rule of thumb: If Kaspersky doesn't find anything, but 50% of the scanners raise an alarm, of which the first half is not able to tell what they find and each of the scanners of the other half finds a different virus, the file is clean.
2menet and users.menet wrote:I have not yet installed this tool version 1.0 beta 6 but when unzipping it, my Symantec AntiVirus (like Norton) have put the file TCMC.exe in the quarantine because he saids that the Trojan.Drondog infected it.
I don't know options in symantec avir, but the most of antivirus can omit specified files to be scanned. Perhaps you can give a try to it.menet wrote:Symantec is the AntiVirus on the PC of my job, I can't choose it.