A pure heuristic antivirus software--- ByteHero
NobleT
September 8th, 2009, 11:46 AM
This software is from China, and it depends completely on heuristic technology to detect viruses, trojans etc. No signatures are involved, so anyone can try it :D
Website: http://www.bytehero.com/english.asp
gerardwil
September 8th, 2009, 12:11 PM
Ikarus doesn't like this hero.
Gerard
lordpake
September 8th, 2009, 12:13 PM
Ikarus doesn't like a lot of things.
Last I checked with a laptop of mine, with a2, the Ikarus engine claimed several trojans on editors for a well-known PC game ... Official editors even.
So, I am afraid Ikarus really isn't the thing you can place your faith in :D No offence to anyone but they do have a horrible rate for f/p's.
gerardwil
September 8th, 2009, 12:24 PM
-{ Quote: "Ikarus doesn't like a lot of things.
Last I checked with a laptop of mine, with a2, the Ikarus engine claimed several trojans on editors for a well-known PC game ... Official editors even.
So, I am afraid Ikarus really isn't the thing you can place your faith in :D No offence to anyone but they do have a horrible rate for f/p's." }-
Several other AV's have this FP then :)
Gerard
LoneWolf
September 8th, 2009, 12:27 PM
-{ Quote: "Several other AV's have this FP then :)
Gerard" }-
9 out of 41 on VirusTotal.
the Tester
September 8th, 2009, 12:38 PM
The .exe gets hits on Jotti's from Ikarus, CP Secure, and Sophos as a "trojan- Flux, Generic A or Pakes".
gerardwil
September 8th, 2009, 12:47 PM
Comodo, F-Prot, F-Secure, McAfee, PCTools detect it as well.
Gerard
pbw3
September 8th, 2009, 12:57 PM
NOD didn't show up as one of those detecting it on my upload to Virus Total, and yet it did detect it when I first tried to download it - a variant of Win32/Packed.Themida application..
Is this one of those examples of the real life AV functionality not being fully replicated by the upload scanners..??
simisg
September 8th, 2009, 01:26 PM
MSE says it is clean, IObit 360 also says clean ...... but my mind says no to software without any serious page and address to contact.... anyone can put a malicious file on the internet with an email for contact
lodore
September 8th, 2009, 02:07 PM
Prevx doesn't like it either. Says it's a backdoor trojan.
StevieO
September 8th, 2009, 02:23 PM
As lodore has noted, Prevx does not like it !
I downloaded it and compared it with the Prevx www -
The file size matches exactly! Might not be the same, but ?
Prevx didn't jump when I unpacked the RAR, but did when I right scanned it
andyman35
September 8th, 2009, 03:04 PM
I uploaded this file to ThreatExpert and the result was inconclusive. It's possible that the software protection used could be triggering a FP as certain malware use similar methodology.
http://www.threatexpert.com/report.aspx?md5=9f4212b3108dbf25a92086e25623a7b2
Graystoke
September 8th, 2009, 03:08 PM
My Eset Smart Security blocked it.
dawgg
September 8th, 2009, 03:38 PM
-{ Quote: "I uploaded this file to ThreatExpert and the result was inconclusive. It's possible that the software protection used could be triggering a FP as certain malware use similar methodology.
http://www.threatexpert.com/report.aspx?md5=9f4212b3108dbf25a92086e25623a7b2" }-
Many trojans have a ThreatExpert report like that.
Firebytes
September 8th, 2009, 03:45 PM
I ran the file past MalwareBytes and SuperAntiSpyware just to see what they would say and neither found it to be malicious.
Stefan Kurtzhals
September 8th, 2009, 03:45 PM
It's Themida packed, making it hard to analyse.
Strange, Oreans always claimed that Avira reports *every* Themida file... ::)
1timeuserrr
September 8th, 2009, 03:52 PM
A2 AntiMalware (Ikarus scan engine) has just updated its database and now says it's clean.
the Tester
September 8th, 2009, 04:31 PM
-{ Quote: "A2 AntiMalware (Ikarus scan engine) has just updated its database and now says it's clean." }-
This looks like a "greyware" find.
No definitive consensus yet.
trjam
September 8th, 2009, 04:38 PM
MSE scanned the download, you could tell it was using its cloud ability because it hung on a few files till finished, but came back clean with it. I would say any detection is a FP.
Zimzi
September 8th, 2009, 04:38 PM
Comodo Instant Malware Analysis result:
http://camas.comodo.com/cgi-bin/submit?file=e37c14a77af39f46ced348bafe09f116089911ec0dba4a1fa75702ecd242eba3
;D
1boss1
September 8th, 2009, 04:41 PM
NIS2009 Doesn't detect anything, here's the Anubis report of the .exe
http://anubis.iseclab.org/?action=result&task_id=158d20982eaedfad41d5678eb8acd223e&format=html
So... Who's game? :argh:
dawgg
September 8th, 2009, 04:43 PM
At the end of the day, I probably won't use it regardless of its status.
trjam
September 8th, 2009, 04:54 PM
-{ Quote: "At the end of the day, I probably won't use it regardless of its status." }-
Best post of the thread.:thumb:
Zimzi
September 8th, 2009, 05:30 PM
-{ Quote: "At the end of the day, I probably won't use it regardless of its status." }-
There is always some curious dumb who will use it.
So, I did it. :argh:
Avira, Threatfire and Malwarebytes did not find malware, there were no problems with OS etc. Looks like crapware rather than malware. Slow scanning speed and very poor detection when testing with a smaller number of newer malware samples (Avira, Avast and Threatfire, for example, detect all of the samples).
PrevxHelp
September 8th, 2009, 05:39 PM
I'll analyze this sample shortly but any legitimate software company, let alone an "AV", which packs its files with Themida is doing something very, very wrong ::)
the Tester
September 8th, 2009, 05:52 PM
-{ Quote: "There is always some curious dumb who will use it.
So, I did it. :argh:" }-
I installed it and ran it too.
I think it's just a junky scanner. Unless PrevxHelp finds otherwise, it looks like a false positive.
prairie dog
September 8th, 2009, 06:46 PM
I posted it on MBAM's forum and this is what I got
-{ Quote: "MBAM will not be adding detection of this file or the install as it is neither rogue nor does it perform any malicious behaviour beyond using an advanced packer (Themida) which has been seen to be used by malware before.
This in no way is an endorsement of that software either." }-
1boss1
September 8th, 2009, 06:53 PM
-{ Quote: "MBAM will not be adding detection of this file or the install as it is neither rogue nor does it perform any malicious behaviour beyond using an advanced packer (Themida) which has been seen to be used by malware before.
This in no way is an endorsement of that software either." }-
Translation: It's not malicious but boy is it junk. :argh:
Just kidding.
I wonder why they have opted to use Themida of all things. The Anubis scan looked pretty benign, in fact it doesn't look like it does much to the system at all.
Meriadoc
September 8th, 2009, 07:37 PM
Infected with Themida :D
A lot of malware use products such as from Oreans but not all programs that use a protection system are malware. Saying that, why is ByteHero using it?
NobleT
September 8th, 2009, 08:39 PM
I am sorry about that. I didn't anticipate that this software would be regarded as a virus by several antiviruses. But it is definitely not a harmful antivirus software, though the detection is mediocre. But it is all pursued by heuristics. I stand by a security forum in China. There is a test of this software there. The detection was keeping at 40-50%.. Frankly speaking, it is not very bad for an antivirus which relies only on heuristics :-[
Zombini
September 9th, 2009, 01:19 AM
Sorry but I don't think I will be installing this. Here is what NIS2010 File Insight says.
Love this NIS2010 feature.
dawgg
September 9th, 2009, 06:06 AM
-{ Quote: "Frankly speaking, it is not very bad for an antivirus which relies only on heuristics :-[" }-
IMO, all this fuss about software only using heuristics (or even the "cloud") means nothing - at the end of the day, I think a good antimalware software is one which detects/blocks many malware in the wild (hopefully quickly), with little scope for FP or interfering with clean software, regardless of the technology it uses.
-{ Quote: "Sorry but I don't think I will be installing this. Here is what NIS2010 File Insight says.
Love this NIS2010 feature." }-
Looks like a good feature :) - what's the "origin"? - is it the file/website it came from or only the country the file came from (which is pretty useless)?
ronjor
September 9th, 2009, 07:46 AM
A couple of off topic posts were removed. Stick to discussing the software please.
Copyright ©2002 - 2012, Wilders Security Forums