I uploaded it to Virustotal, and the result is below. If the formatting is lost, you can see the report here: http://shar.es/m6tDP
First, Virustotal told me that they already have seen this file. Next, very few AVs identified it as a threat. And at the risk of beating up on McAfee again, their gateway version with a May 6 def identified it, but their regular (?) version with a May 7 def did not! In all, only 8 of 41 identified it.
AVG, which is on my laptop, did not identify it either.
My question: what happened to AV companies sharing knowledge? I would
have thought in 24 hours at least all the big boys would have shared the
signature. A 20% detection rate is pretty bad. But as McAfee's left hand
does not know what its other left hand is doing, I guess I should not be
too surprised.
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.50 | 2010.05.07 | - |
| AhnLab-V3 | 2010.05.07.00 | 2010.05.06 | - |
| AntiVir | 8.2.1.236 | 2010.05.06 | - |
| Antiy-AVL | 2.0.3.7 | 2010.05.06 | - |
| Authentium | 5.2.0.5 | 2010.05.06 | - |
| Avast | 4.8.1351.0 | 2010.05.06 | - |
| Avast5 | 5.0.332.0 | 2010.05.06 | - |
| AVG | 9.0.0.787 | 2010.05.07 | - |
| BitDefender | 7.2 | 2010.05.07 | Gen:Variant.Bredo.4 |
| CAT-QuickHeal | 10.00 | 2010.05.04 | - |
| ClamAV | 0.96.0.3-git | 2010.05.06 | - |
| Comodo | 4783 | 2010.05.06 | - |
| DrWeb | 5.0.2.03300 | 2010.05.07 | - |
| eSafe | 7.0.17.0 | 2010.05.06 | - |
| eTrust-Vet | 35.2.7472 | 2010.05.06 | - |
| F-Prot | 4.5.1.85 | 2010.05.06 | - |
| F-Secure | 9.0.15370.0 | 2010.05.07 | Gen:Variant.Bredo.4 |
| Fortinet | 4.0.14.0 | 2010.05.05 | - |
| GData | 21 | 2010.05.07 | Gen:Variant.Bredo.4 |
| Ikarus | T3.1.1.84.0 | 2010.05.06 | - |
| Jiangmin | 13.0.900 | 2010.05.06 | - |
| Kaspersky | 7.0.0.125 | 2010.05.07 | - |
| McAfee | 5.400.0.1158 | 2010.05.07 | - |
| McAfee-GW-Edition | 2010.1 | 2010.05.06 | Artemis!ECB1C56D7D93 |
| Microsoft | 1.5703 | 2010.05.06 | - |
| NOD32 | 5092 | 2010.05.06 | - |
| Norman | 6.04.12 | 2010.05.06 | - |
| nProtect | 2010-05-06.02 | 2010.05.06 | Gen:Variant.Bredo.4 |
| Panda | 10.0.2.7 | 2010.05.06 | Suspicious file |
| PCTools | 7.0.3.5 | 2010.05.06 | - |
| Prevx | 3.0 | 2010.05.07 | - |
| Rising | 22.46.03.04 | 2010.05.06 | - |
| Sophos | 4.53.0 | 2010.05.07 | Mal/FakeAV-BW |
| Sunbelt | 6272 | 2010.05.06 | - |
| Symantec | 20091.2.0.41 | 2010.05.06 | - |
| TheHacker | 6.5.2.0.277 | 2010.05.06 | - |
| TrendMicro | 9.120.0.1004 | 2010.05.06 | PAK_Generic.001 |
| TrendMicro-HouseCall | 9.120.0.1004 | 2010.05.07 | - |
| VBA32 | 3.12.12.4 | 2010.05.06 | - |
| ViRobot | 2010.5.6.2304 | 2010.05.06 | - |
| VirusBuster | 5.0.27.0 | 2010.05.06 | - |
0 comments:
Post a Comment