Bambo Posted November 30, 2010 Report Share Posted November 30, 2010 Using Immunet Plus. Qsel is victim of W32.Invictus http://home.mnet-online.de/horst.muc/wpop.htm#qsel Virustotal is almost clean http://www.virustotal.com/file-scan/report.html?id=8c5cb4dad0ee34b09e23be0a1af8d447e3f9e0d15c6dcbdef6930ee55a4525be-1291147570 Guess no one has reported false positives to Rising and CAT. Link to comment Share on other sites More sharing options...
alfred Posted November 30, 2010 Report Share Posted November 30, 2010 Using Immunet Plus. Qsel is victim of W32.Invictus http://home.mnet-online.de/horst.muc/wpop.htm#qsel Virustotal is almost clean http://www.virustotal.com/file-scan/report.html?id=8c5cb4dad0ee34b09e23be0a1af8d447e3f9e0d15c6dcbdef6930ee55a4525be-1291147570 Guess no one has reported false positives to Rising and CAT. The zip file there as a whole has some troublesome data in it: http://www.virustotal.com/file-scan/report.html?id=1a8f1a6ace6075583435b7b2d6e4a775e78be82afa8e90b19042a80902afae06-1291150917 I would be very cautious with that. al Link to comment Share on other sites More sharing options...
Bambo Posted November 30, 2010 Author Report Share Posted November 30, 2010 Well that was popsel but I am 99.9999% sure that dude will never do something wrong. Not even ads on site. I think it has to do with his programming language, some PureBasic stuff. There is a rundemo.exe in the popsel one, that is what trigger alarms http://www.virustotal.com/file-scan/report.html?id=5b5bcfa87294d256da37ff8f954ba63474aa68f8059a80fed45fe1f78c8f9c68-1291152077 Popsel.exe itself is clean - except for Rising and Cat http://www.virustotal.com/file-scan/report.html?id=c6240abe05abae9ec3c1d96f5c4ba1a8516db0854f09ade7ab340729c5e3e685-1291152165. I assume macro something features look suspicious. Also a very old site and all that. Good old tools. But we will see. I consider it total theory there is anything wrong for real. Link to comment Share on other sites More sharing options...
alfred Posted November 30, 2010 Report Share Posted November 30, 2010 Well that was popsel but I am 99.9999% sure that dude will never do something wrong. Not even ads on site. I think it has to do with his programming language, some PureBasic stuff. There is a rundemo.exe in the popsel one, that is what trigger alarms http://www.virustotal.com/file-scan/report.html?id=5b5bcfa87294d256da37ff8f954ba63474aa68f8059a80fed45fe1f78c8f9c68-1291152077 Popsel.exe itself is clean - except for Rising and Cat http://www.virustotal.com/file-scan/report.html?id=c6240abe05abae9ec3c1d96f5c4ba1a8516db0854f09ade7ab340729c5e3e685-1291152165. I assume macro something features look suspicious. Also a very old site and all that. Good old tools. But we will see. I consider it total theory there is anything wrong for real. I have removed the detections for now. al Link to comment Share on other sites More sharing options...
Bambo Posted November 30, 2010 Author Report Share Posted November 30, 2010 I have removed the detections for now. al Thanks, I take full virtual responsibilty If it matters then I am also running PrevX 3.0 and Mamutu right now. All clear. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.