Complete scanning result of “snd-objectbarv1.6bulid628.patch.e”, received in VirusTotal at 04.27.2006, 20:43:20 (CET).

AntiVir 6.34.0.24 04.20.2006 no virus found
Avast 4.6.695.0 04.26.2006 no virus found
AVG 386 04.27.2006 Downloader.Generic.YIM
Avira 6.34.1.58 04.27.2006 no virus found
BitDefender 7.2 04.27.2006 no virus found
CAT-QuickHeal 8.00 04.26.2006 no virus found
ClamAV devel-20060202 04.27.2006 no virus found
DrWeb 4.33 04.27.2006 Adware.DollarRevenue
eTrust-InoculateIT 23.71.140 04.27.2006 no virus found
eTrust-Vet 12.4.2181 04.27.2006 no virus found
Ewido 3.5 04.27.2006 no virus found
Fortinet 2.71.0.0 04.27.2006 W32/Drsmartl.gen!dldr
F-Prot 3.16c 04.26.2006 no virus found
Ikarus 0.2.59.0 04.27.2006 no virus found
Kaspersky 4.0.2.24 04.27.2006 Trojan-Downloader.Win32.Adload.as
McAfee 4750 04.27.2006 DollarRevenue
Microsoft 1.1372 04.27.2006 no virus found
NOD32v2 1.1509 04.27.2006 a variant of Win32/TrojanDownloader.Adload.AJ
Norman 5.90.17 04.27.2006 no virus found
Panda 9.0.0.4 04.27.2006 no virus found
Sophos 4.05.0 04.27.2006 no virus found
Symantec 8.0 04.27.2006 Trojan.Dropper
TheHacker 5.9.7.135 04.25.2006 Aplicacion/Riskware.Tool.SysModify
UNA 1.83 04.27.2006 no virus found
VBA32 3.11.0 04.27.2006 Trojan-Downloader.Win32.Adload.as

File: http://serezha.byexpand.com/snd-objectbarv1.6bulid628.patch.rar

Sorry for my bad english

where i can send infected files?

hi and welcome ,
if you can zip the file and password protect it using VIRUS as the password then send it to “virus @ Avast.com” without the spaces then that would be great. Just by listing it at the virus total or jotti sites a sample gets passed on I believe .

Please don’t post live links to suspect or malware files that can cause accidental exposure to malware. Modify the link so it is broken and not live, e.g. http :// serezha.byexpand.com/snd-objectbarv1.6bulid628.patch.rar

This infection is adware so is likely not to have been detected by an anti-virus program:

>>>snd-objectbarv1.6bulid628.patch.rar/snd-objectbarv1.6bulid628.patch.exe/run.exe contains an advertising software Adware.DollarRevenue

If you are not getting a virus warning that you believe is a new, undetected virus, then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces), or send from the chest.

Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

Dr Web shows an infected file :-\

still it’s Adware downloader, so fits into “dangerous malware” class and should be detected …