Win32.torjan.spy.banker.bai[solved]

Bogey
edited June 2008 in Sample submission

I scaned a crack.exe file with BitDefender Internet Security 10 and it dindn't find anything, so I 2xclicked it and bam !: cmd appears on my screen saying something about some codecs <_< , now you know something's wrong so I do a full scan with spyware doctor...nothing, just some registry keys and cookies, so I try SmitFraudFix...nothing, and finally by mistake ZoneAlarmPro finds it when I wasn't even at my computer :unsure:/applications/core/interface/file/attachment.php?id=1029" data-fileid="1029" rel="">Win32.Trojan.Spy.Banker.bai.rar

Comments

  • have anyone form bitdefender labs downlaoded what i've sent? so that in the future my antivirus can detect that? it would be nice to get some sort of answer.... <_<


    Yes I noticed that none of my samples have been looked either since 25th Nov. I guess the Virus researchers have been busy. I would suggest sending the files direct to virus_submission@bitdefender.com in the meantime.


    Cheers


    Jlo

  • Jlo
    Jlo
    edited December 2007
    busy...? their ###### doesn't detect that trojan and many others that the file I sent conatin, and you say they're busy...? they just don't give a ****, a typical romanian company/prodcut, someone could've just give me an answer, so I would just know not to wait....I think that would be the appropriate thing to do... why post this if nobody cares?


    ps. you say to send it by e-mail...why should I struggle to send the file to them, after all, is their interest that their software detect as many threats as possible....


    Well I do agree with you to a point. They normally drop by this forum every couple of days but seems to have been a bit of a lag this week!


    Hope the analysist visit this thread soon.


    Best wishes


    jlo

  • busy...? their ###### doesn't detect that trojan and many others that the file I sent conatin, and you say they're busy...?


    Do you find it hard to believe that BD Virus Analysts are actually busy? Do you think that all they do is sit there and chat with each other on a cup of cofee? News flash: they don't! They work 24/7, trying to keep the users safe. But it appears that you expect the impossible: full-proof protection.


    Well, I have another bad news for you: full-proof protection doesn't exist! There will always exist situations when something is not detected by a security solution. The user is the FIRST line of defense. If you download and use absolutely everything from the web...then not even God can keep your PC 100% clean at all times.


    they just don't give a ****, a typical romanian company/prodcut, someone could've just give me an answer, so I would just know not to wait....I think that would be the appropriate thing to do... why post this if nobody cares?


    Well, look who's talking... <_<


    As far as I can see, you're also from Romania. And your reaction is typical, I must say. When I see users like you, who believe they own the place and that they are superior then everyone else (and expect that everyone else does EXACTLY as they say, ASAP) I'm ashamed I live in the same country. <img class=" />


    First of all, what you posted is a crack. That means warez, that means you should at least be thankfull you weren't suspended!


    You already got a warning. Please, DO continue like this (using the type of language that you think makes you cool), and watch your warning level grow.


    ps. you say to send it by e-mail...why should I struggle to send the file to them, after all, is their interest that their software detect as many threats as possible....


    What Jlo said is a very good advice. But even if you don't send it, be sure that the sample you attached WILL be analyzed and detection will be added. If this will happen sooner or later, I can't tell. But I assure you it WILL happen.


    Cris.

  • Bogey
    edited December 2007

    I have posted a file that contains MALWARE, if it would just crack the software that it was supposed to crack, I wouldn't be posting here, would I? as for the analysts...I suppose is more than one, and one of them is assigned to check the forum, that would be the normal situation... you talk about downloading everything, actually I'm one of those that don't, but I scaned that file with more than one antivirus software and antispyware, and I used to TRUST BitDefender, but as I said I used more than one AV, and none found anything, not even after the computer was infected... my attitude is bad because I try to help you, me and everyone else that uses BitDefender and they(BD Virus Analysts) are to "busy" to check the forum. I am not the only one that have posted malware here


    and that words don't make me look "cool", they make me look mad...

  • You would be impressed to see how busy the VR are. They receive samples on all possible ways, including this forum, and not all the time a VR is logged on to see what's new. However, I'll contact personaley a VR and tell him about your sample. Detection will be added as soon as a VR will analyze the file.


    You don't have to get mad or something. Virus analyses is made by human beeings, not by machines.

  • I have posted a file that contains MALWARE, if it would just crack the software that it was supposed to crack, I wouldn't be posting here, would I? as for the analysts...I suppose is more than one, and one of them is assigned to check the forum, that would be the normal situation... you talk about downloading everything, actually I'm one of those that don't, but I scaned that file with more than one antivirus software and antispyware, and I used to TRUST BitDefender, but as I said I used more than one AV, and none found anything, not even after the computer was infected... my attitude is bad because I try to help you, me and everyone else that uses BitDefender and they(BD Virus Analysts) are to "busy" to check the forum. I am not the only one that have posted malware here


    and that words don't make me look "cool", they make me look mad...


    First of all: you don't know the situation of this forum. This is only a user forum. Yes, there are active a few Virus Analysts that, periodically, check the forum for new samples. But they do that because they want to, not because they have to. Checking the forum is not in the job description for none of the Virus Analysts. So, if sometimes, they receive by e-mail too many samples and they simply don't have time to check the forum, they won't (it's just a matter of priority).


    Second of all, you say your malware wasn't detected by ANY antivirus. So why are you mad on BitDefender? I have a question: did you went with the same rage on all other AVs' forums to complain? Did you register there, started a new topic and started to use ghetto language? I kinda doubt it...


    Just have patience. Because nobody is ignoring anybody.


    Cris.

  • Bogey
    edited December 2007

    I'm not mad on bitdefender...I mad because, as I said, I'm trying to help, and I don't even get an answer( i have waited a week and nobody went through the trobule to post an answer here)...something like "hey, we will check your file", it would nice, and apropiate to do so, don't you think? and yes they do it because they want to, they don't have to, but it's goo that they do, and I've registered here, and posted this here, because I'm using BitDefender myself, and I used to trust it, and I still use it, and I don't know, call me a patriot, everyone advice me not to, but I like bitdefender.


    i went to all this "rage" on this forum, first of all, because I use BitDefender, and I like it because it's romanian software. that's my mentality, why would I try to help someone else, if not my kin... we don't have much to be proud of, this AV one of the few things that makes me proud....even though it could be much better

  • Ok, I understand. But you should also understand that nobody posts here just to say I'm gonna take a look at your file in X days. If you posted it, then you can be sure it WILL be checked...sooner, or later. Sometimes, it takes less then an hour. Sometimes, it takes a few days. Just have a little patience, because they are not sleeping and, most certainly, they didn't leave on vacation leaving everything on hold until they come back.


    I don't know if you noticed...but I noticed that these last days the updates on BitDefender Virus Signatures were a lot more then usual (which proves they were working).


    Cris.

  • Bogey
    edited June 2008

    ok man...whatever, I'm all over this. I hope someone checks the file and decide if it was worthed or not... you can close the topic..or whatever

  • The sample was detected starting november 26th (the next day the sample was uploaded here) as Trojan.Downloader.Zlob.ABBV.


    Cheers,


    Marius Botis