Quantcast Virus Scan this File Please. - digitalFAQ.com Forums [Archives]
  #1  
06-06-2004, 09:41 AM
Prodater64 Prodater64 is offline
Free Member
 
Join Date: Mar 2003
Location: Palma de Mallorca - España
Posts: 2,925
Thanks: 0
Thanked 0 Times in 0 Posts
Hi: rds_correia told me that this file (not zipped) trigered his AV program, reporting it a trojan.
Now I have zipped the file, can somebody tell me if an AV program point at it as a trojan. Thank you.


Edited JUL/02/2004 Test finished. Link withdrawned.


--------------------------
Visit: Intermediate guide: MencodeMe/Win32 - Avisynth - MakeAvis by Prodater64.
Visit: KVCD - MencodeMe - Auxiliar Task - KVCD Docking Gate by Prodater64.
Visit: Mencoder scripting with AVSEdit and Guide for Multiple Files by Prodater64.
Visit: Mini-guide quick and easy - DVD to (S)KVCD with MencodeMe by Maurus.
Visit: Mencode-me: a newbie oriented GUI - 0.23 is out! by VMesquita.
--------------------------
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Site Staff / Ad Manager
 
Join Date: Dec 2002
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
  #2  
06-06-2004, 09:51 AM
rds_correia rds_correia is offline
Free Member
 
Join Date: Apr 2003
Location: Chinese Democracy starts now!
Posts: 2,563
Thanks: 1
Thanked 0 Times in 0 Posts
Hi Pro,
Now that it's zipped I were allowed to download it but then I made a scan on the zipfile and again the AV program detected Trojan Digarix.B.
Can somebody test this too please?
Cheers
__________________
Rui
Reply With Quote
  #3  
06-06-2004, 10:12 AM
bigggt bigggt is offline
Free Member
 
Join Date: Mar 2003
Location: IamCanadian
Posts: 848
Thanks: 0
Thanked 0 Times in 0 Posts
Hi i have never had this before but i get this message

Reply With Quote
  #4  
06-06-2004, 11:46 AM
Dialhot Dialhot is offline
Free Member
 
Join Date: May 2003
Posts: 10,463
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by rds_correia
Hi Pro,
Now that it's zipped I were allowed to download it but then I made a scan on the zipfile and again the AV program detected Trojan Digarix.B.
Can somebody test this too please?
Cheers
Do you have Sophos ?
definitely a mistake of the scanner as you can see in the descrription of the virus :
Quote:
Description
Troj/Digarix-B is a multi-partite IRC backdoor Trojan.

The Trojan arives as a self extracting archive file cab32.exe that drops the following files:

\echo.txt
\windows\Rar.exe
\windows\backs.exe
\windows\cabscan.dll
\windows\dd4a.exe
\windows\dx32a.exe
\windows\inst.exe
\windows\mirc.hlp
\windows\msnmsgr.exe
\windows\pv.exe
\windows\repair\cabscan\fix\cabscan.dll
\windows\sleep.com
\windows\system32\cab\Rar.exe
\windows\system32\cab\TzoLibr.dll
...
http://www.sophos.com/virusinfo/anal...jdigarixb.html

Definitely NOT what can be done by the little tiny file send by Pro64
Reply With Quote
  #5  
06-06-2004, 02:18 PM
fabrice fabrice is offline
Free Member
 
Join Date: Mar 2003
Location: Madrid-Spain
Posts: 515
Thanks: 0
Thanked 0 Times in 0 Posts
Hi,

Tested with McAfee, and nothing detected...

CU
Fabrice
Reply With Quote
  #6  
06-06-2004, 02:45 PM
Zyphon Zyphon is offline
Free Member
 
Join Date: Oct 2003
Location: London, England (UK)
Posts: 1,035
Thanks: 0
Thanked 0 Times in 0 Posts
Hi Por,

I tested this file with AVG Free Ver 6 and it detected the virus Qghosts.A

So I havent extracted the contents in the zip for fear of infection.

I hope this info can help you out Pro.
__________________
Regards.

Michael.
Reply With Quote
  #7  
06-06-2004, 03:29 PM
Dialhot Dialhot is offline
Free Member
 
Join Date: May 2003
Posts: 10,463
Thanks: 0
Thanked 0 Times in 0 Posts
There is NO infection in this you can be sure about this.
Reply With Quote
  #8  
06-06-2004, 03:55 PM
Hydeus Hydeus is offline
Free Member
 
Join Date: Dec 2003
Location: Omicron Persei 8
Posts: 322
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
c:\documents and settings\administrator\desktop\mncsamplepreview.zi p>MNCSamplePreview.exe - Win32.BWG dropper.
CA E-trust Antivirus: todays signature

Phil, this was youre 5555 post
__________________
Go for SECAM =)
Reply With Quote
  #9  
06-06-2004, 04:03 PM
Prodater64 Prodater64 is offline
Free Member
 
Join Date: Mar 2003
Location: Palma de Mallorca - España
Posts: 2,925
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Dialhot
There is NO infection in this you can be sure about this.
I generated that exe with a bat2exe program.
Could be that this program infected my batch file in some way.
If not, is a AV bug or fail.
Reply With Quote
  #10  
06-06-2004, 04:17 PM
Dialhot Dialhot is offline
Free Member
 
Join Date: May 2003
Posts: 10,463
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Prodater64
Could be that this program infected my batch file in some way.
It's always possible but the virii reported on your files are 1: completlty different one from the other - 2/ completly out of possibility allowed by a 28 kb (valid ) zip file .

Quote:
If not, is a AV bug or fail.
Yes it is. Your tool surel ygenerate something that is close to a real virus. A lot of virus, that's all.
Reply With Quote
  #11  
06-06-2004, 04:27 PM
Prodater64 Prodater64 is offline
Free Member
 
Join Date: Mar 2003
Location: Palma de Mallorca - España
Posts: 2,925
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Dialhot
Quote:
Originally Posted by Prodater64
Could be that this program infected my batch file in some way.
It's always possible but the virii reported on your files are 1: completlty different one from the other - 2/ completly out of possibility allowed by a 28 kb (valid ) zip file .

Quote:
If not, is a AV bug or fail.
Yes it is. Your tool surel ygenerate something that is close to a real virus. A lot of virus, that's all.
My Norton AV does not report it as a trojan or virus.


--------------------------
Visit: Intermediate guide: MencodeMe/Win32 - Avisynth - MakeAvis by Prodater64.
Visit: KVCD - MencodeMe - Auxiliar Task - KVCD Docking Gate by Prodater64.
Visit: Mencoder scripting with AVSEdit and Guide for Multiple Files by Prodater64.
Visit: Mini-guide quick and easy - DVD to (S)KVCD with MencodeMe by Maurus.
Visit: Mencode-me: a newbie oriented GUI - 0.23 is out! by VMesquita.
--------------------------

Reply With Quote
  #12  
07-05-2004, 09:32 AM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
@All,

I've been using AVG Anti Virus for quite a while, and now I can say it's crap
It hasn't detected viruses on my machine, and gives weird scans on my wife's machine.
On her machine, I was constantly getting a random popup virus warning from AVG, but on a full scan, nothing would be detected.
Well, I downloaded AntiVir from www.free-av.com and all I can say is
Give it a shot
It detected several viruses on my machine, even on some .RAR files, which were never detected by AVG or Norton.

-kwag
Reply With Quote
  #13  
07-05-2004, 03:28 PM
Jellygoose Jellygoose is offline
Free Member
 
Join Date: Jun 2002
Location: Germany
Posts: 1,288
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by kwag
@All,

I've been using AVG Anti Virus for quite a while, and now I can say it's crap
It hasn't detected viruses on my machine, and gives weird scans on my wife's machine.
On her machine, I was constantly getting a random popup virus warning from AVG, but on a full scan, nothing would be detected.
Well, I downloaded AntiVir from www.free-av.com and all I can say is
Give it a shot
It detected several viruses on my machine, even on some .RAR files, which were never detected by AVG or Norton.

-kwag
AntiVir is the software I'm using. www.free-av.de
very very useful, free, and they update very frequently!
__________________
j3llyG0053
Reply With Quote
  #14  
07-05-2004, 03:52 PM
Zyphon Zyphon is offline
Free Member
 
Join Date: Oct 2003
Location: London, England (UK)
Posts: 1,035
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by kwag
@All,

I've been using AVG Anti Virus for quite a while, and now I can say it's crap
It hasn't detected viruses on my machine, and gives weird scans on my wife's machine.
On her machine, I was constantly getting a random popup virus warning from AVG, but on a full scan, nothing would be detected.
Well, I downloaded AntiVir from www.free-av.com and all I can say is
Give it a shot
It detected several viruses on my machine, even on some .RAR files, which were never detected by AVG or Norton.

-kwag
Thanks Karl. I must have misssd this post. I get some weird results in AVG and I dont like the it doesnt intercept and scan rar and zip files straight after you have downloaded them like Norton does.

I shall give this program a shot.
__________________
Regards.

Michael.
Reply With Quote
  #15  
07-05-2004, 04:52 PM
rds_correia rds_correia is offline
Free Member
 
Join Date: Apr 2003
Location: Chinese Democracy starts now!
Posts: 2,563
Thanks: 1
Thanked 0 Times in 0 Posts
Hey guys,
I forgot to mention this in the begining of the thread.
I used Trendmicro's PCCillin for quite some time but one day I started feeling that it was very CPU demanding for my old PIII machine.
So for the last few months before this thread was born I've been using Free-Av with very good results.
That is aside from this Digarix.B issue...
Ohter than that it really is very good reporting viruses inside zip/rar file that unbelievably pc-cillin didn't detect with the right options enabled .
About the Digarix.B issue, it really must be a flaw in their virus signatures
Cheers
__________________
Rui
Reply With Quote
  #16  
07-05-2004, 05:22 PM
bigggt bigggt is offline
Free Member
 
Join Date: Mar 2003
Location: IamCanadian
Posts: 848
Thanks: 0
Thanked 0 Times in 0 Posts
Hi guys i have been using AVG for ever now also and i think even on screensavers(tv show) they say it is one of the best

but lately i have been hearing bad things about it

maybe its time to switch
Reply With Quote
  #17  
07-05-2004, 05:46 PM
vmesquita vmesquita is offline
Invalid Email / Banned / Spammer
 
Join Date: May 2003
Posts: 3,726
Thanks: 0
Thanked 0 Times in 0 Posts
I've been using AVG also. I'll give AntiVir a try.
Reply With Quote
  #18  
07-06-2004, 07:22 AM
black prince black prince is offline
Free Member
 
Join Date: Jul 2002
Posts: 1,224
Thanks: 0
Thanked 0 Times in 0 Posts
Let me second that Kwag, for problems with AVG. I just downloaded AntiVir
and will give it a try. I have Norton AV, but renewal of subscription is
getting near.

Thanks

-BP
Reply With Quote
  #19  
07-08-2004, 07:06 PM
bigggt bigggt is offline
Free Member
 
Join Date: Mar 2003
Location: IamCanadian
Posts: 848
Thanks: 0
Thanked 0 Times in 0 Posts
Hi

Just wondering what the results are with people that have switched from AVG

Are you happy with the new program

I still am yet to try
Reply With Quote
  #20  
07-08-2004, 08:33 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by bigggt
Are you happy with the new program
Reply With Quote
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
BitDefender Anti Virus kwag Computers 73 08-25-2007 01:15 PM
Blaster virus in svchost.exe? the viking Computers 6 01-15-2005 01:00 PM
Trojan/Virus Detection nicksteel Computers 5 11-09-2004 10:04 AM
WARNING: possible Virus alert !! vhelp Computers 7 02-11-2004 10:32 PM
Avisynth: IS THIS A VIRUS ?! Wolfi Avisynth Scripting 9 09-19-2003 10:56 AM

Thread Tools



 
All times are GMT -5. The time now is 05:51 AM  —  vBulletin © Jelsoft Enterprises Ltd