GuitarBob
Joined: 09 Jul 2006 |
Posts: 9 |
Location: USA |
|
 |
Posted: Tue Jul 21, 2009 1:17 pm |
|
 |
 |
 |
 |
I like to see at least five AVs say something is infected before I really believe it, but you should also look at the AVs that are detecting it. I consider these AVs to be good quality: NOD32, Kaspersky, F-Secure, Bitdefender, Microsoft, McAfee, Symantec. If a couple of them are among those AVs detecting it, I can believe it.
If you are still unsure, upload the file to Anubis at https://anubis.iseclab.org/index.php on the web. They will analyze .exe files (mabe .dll also--I'm not sure). For Flash and JS files, you can upload to Wepawet at https://wepawet.iseclab.org/ on the web. Wepawet will also look at html links for you.
AVs are only made by humans, however. Every once-in-a-while I've seen none of them recognize an evil file, and a few times I've seen most of them recognize a file that isn't evil at all.
Regards,
|