Virus-2005-Test

I came across a virus test file which contains 25 virus tests. McAfee found 23 of 25 and avast! found 10 of 25. I thought that by posting this information it may assist in updating the avast! detection files to improve what is already an excellent product.

… links deleted…

I hope this may be of some assistance.

-Dave

Please zip and password protect the undetected files and send them to virus [at] avast.com. In the email body, please include the information below and the password for the zip archive (“virus” is usually acceptable).

Why is the download so big? Its 13MB! :o

My Avast 4.6.652 / 0516-7 found 10 out of 25 !!! :‘( :’( :cry:

Latest update of antivir found All … (Report Below)

Virus-2005-Test.zip
ArchiveType: ZIP
→ 1.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.01 Backdoor server programs
→ 10.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.11 Backdoor server programs
→ 11.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.17 Backdoor server programs
→ 12.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.18 Backdoor server programs
→ 13.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.19 Backdoor server programs
→ 14.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.20 Backdoor server programs
→ 15.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.21 Backdoor server programs
→ 16.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.22 Backdoor server programs
→ 17.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.08 Backdoor server programs
→ 18.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.09 Backdoor server programs
→ 19.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.09 Backdoor server programs
→ 2.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.23 Backdoor server programs
→ 20.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.10 Backdoor server programs
→ 21.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.12 Backdoor server programs
→ 22.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.13 Backdoor server programs
→ 23.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.14 Backdoor server programs
→ 24.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.15 Backdoor server programs
→ 25.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.16 Backdoor server programs
→ 3.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.02 Backdoor server programs
→ 4.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.03 Backdoor server programs
→ 5.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.04 Backdoor server programs
→ 6.exe
[DETECTION] Is the Trojan horse TR/Click.Small.DN.3
→ 7.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.05 Backdoor server programs
→ 8.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.06 Backdoor server programs
→ 9.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.07 Backdoor server programs
1.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.01 Backdoor server programs
Not deleted after prompt!
10.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.11 Backdoor server programs
Not deleted after prompt!
11.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.17 Backdoor server programs
Not deleted after prompt!
12.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.18 Backdoor server programs
Not deleted after prompt!
13.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.19 Backdoor server programs
Not deleted after prompt!
14.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.20 Backdoor server programs
Not deleted after prompt!
15.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.21 Backdoor server programs
Not deleted after prompt!
16.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.22 Backdoor server programs
Not deleted after prompt!
17.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.08 Backdoor server programs
Not deleted after prompt!
18.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.09 Backdoor server programs
Not deleted after prompt!
19.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.09 Backdoor server programs
Not deleted after prompt!
2.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.23 Backdoor server programs
Not deleted after prompt!
20.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.10 Backdoor server programs
Not deleted after prompt!
21.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.12 Backdoor server programs
Not deleted after prompt!
22.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.13 Backdoor server programs
Not deleted after prompt!
23.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.14 Backdoor server programs
Not deleted after prompt!
24.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.15 Backdoor server programs
Not deleted after prompt!
25.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.16 Backdoor server programs
Not deleted after prompt!
3.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.02 Backdoor server programs
Not deleted after prompt!
4.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.03 Backdoor server programs
Not deleted after prompt!
5.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.04 Backdoor server programs
Not deleted after prompt!
6.exe
[DETECTION] Contains signature of the worm Worm/Rous.A
Not deleted after prompt!
7.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.05 Backdoor server programs
Not deleted after prompt!
8.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.09 Backdoor server programs
Not deleted after prompt!
9.exe
[DETECTION] Contains a signature of the (dangerous) backdoor program BDS/GrayBird.K.07 Backdoor server programs
Not deleted after prompt!

End of scan: dimanche 24 avril 2005 14:12
Time taken: 01:00 min

Anyway, This is not avery good test, because all the files are infected with variants of the same virus (I.E : BSd Graybird)

So you can’t conclude Avast is not a good antivirus… you just can say it’s not very effcient against Graybird… :wink:

Please, do not post links to infected files here… thanks.

I noticed that my findings assisted with the latest VPS 0517-2…

VPS 0517-2, 28.04.2005

SymbOS:Cabir-M [Wrm], SymbOS:Hobble [Trj], Win32:Adan-035 [Adw], Win32:Adan-036 [Adw], Win32:Antiman [Wrm], Win32:Bagz-F-UPX [Wrm], Win32:Bagz-L [Wrm], Win32:Banbra-AH [Trj], Win32:Bancos-AN [Trj], Win32:Banker-BO [Trj], Win32:Banker-BP [Trj], Win32:Banker-BP [Zip], Win32:Bube [Wrm], Win32:Dialer-360 [Trj], Win32:Drefir-B-ASP [Wrm], Win32:Graybird [Trj], Win32:Graybird-B [Trj], Win32:Graybird-C [Trj], Win32:Graybird-D [Trj], Win32:Graybird-E [Trj], Win32:Graybird-F [Trj], Win32:Graybird-G [Trj], Win32:Graybird-H [Trj], Win32:Graybird-I [Trj], Win32:Graybird-J [Trj], Win32:Graybird-K [Trj], Win32:Graybird-L [Trj], Win32:Graybird-M [Trj], Win32:Graybird-N [Trj], Win32:Graybird-O [Trj], Win32:Hiton-B-UPX [Wrm], Win32:Ily [Wrm], Win32:Inservice-G [Trj], Win32:ProAgent [Trj], Win32:Qoologic-C [Trj], Win32:Qoologic-D [Trj], Win32:Qoologic-E [Trj], Win32:Qoologic-F [Trj], Win32:Rbot-UD [Trj], Win32:Roland [Wrm], Win32:StartPage-095 [Trj], Win32:StartPage-096 [Trj], Win32:Sumom-KNG [Wrm], Win32:Trojano-1235 [Trj], Win32:Trojano-1236 [Trj], Win32:Trojano-1237 [Trj], Win32:Trojano-1238 [Trj], Win32:Trojano-1239 [Trj], Win32:Trojano-1240 [Trj], Win32:Trojano-1241 [Trj], Win32:Trojano-1242 [Trj], Win32:Trojano-1243 [Trj], Win32:Trojano-1244 [Trj], Win32:Trojano-1245 [Trj], Win32:Trojano-1246 [Trj], Win32:Trojano-1247 [Trj], Win32:Yanz-A-Unk [Wrm], Win32:Yanz-B-Unk [Wrm], Win32:Yanz-C-Unk [Wrm]