A new BeastDoor detected only by a few!

Discussion in 'other anti-virus software' started by Firefighter, Mar 8, 2005.

Thread Status:
Not open for further replies.
  1. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Just finished a new scan. Excellent update speed by Avast 4.6 and excellent heuristics by NOD32 with AH.

    Best regards,
    Firefighter!
     

    Attached Files:

  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    More results in here with McAfee VSE 8.0i.

    Best regards,
    Firefighter!
     

    Attached Files:

  3. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    McAfee are really getting it together detection-wise. :cool:
     
  4. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    That is one of the reasons I use NOD32 on one of my machines. The excellent heuristics by NOD32 with AH add that extra zero-day protection.
     
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    New malware? It was added on 21.12.2003 !!! :p

    VPS 0311-8, 21.12.2003
    Win32:Beastdoor-B2-UPX [Trj], Win32:Beastdoor-C [Drp], Win32:Beastdoor-C [Trj], Win32:Beastdoor-C-UPX [Drp], Win32:Beastdoor-C-UPX [Trj], Win32:Beastdoor-Client [Trj], Win32:Gaobot-66 [Wrm], Win32:Gaobot-67 [Wrm], Win32:IISstorm [Trj], Win32:Ldpinch-C [Trj], Win32:Sober-C [Wrm], Win32:Trojano-003 [Trj]
     
  6. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    RejZoR, could you test it against KAV6 to see if it picks it up on heuristics?
     
  7. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Unfortunately I don't have the sample. Ask Firefighter if he's using KAV6 at all...
     
  8. Schouw

    Schouw AV Expert

    Joined:
    Jan 4, 2004
    Posts:
    29
    Location:
    Netherlands
    KAV can't unpack the archive, that's it.
    Beastdoor files are detected fine when the archive has been unpacked.

    The same might apply to other AVs.
    So you should check such things before making statements.
     
  9. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Beastdoor-C-UPX is detected by KAV as Backdoor.Win32.Beastdoor.205 according to VGrep.

    MKS_Vir/ArcaVir detects it as Trojan.Beastdoor.205
     
  10. stormbyte

    stormbyte AV Expert

    Joined:
    Jul 9, 2004
    Posts:
    97
    Note: in the above picture mks_vir did not detect this virus because:
    a. the scanner used on that site is Linux-based, and the Linux version of mks_vir/arcavir does not have all the unpacking capabilities that the Windows version has.
    b. it is using an older engine than the Windows version does.

    Mariusz
     
  11. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Well, that explains a lot. I trust ArcaVir a lot so I couldn't believe the Jotti scan results.
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    BTW, will the Linux version get the new scan engine and unpacking capability of the Windows version soon?
     