Thread: Possible Threat
08-06-2007, 10:10 PM   #3
Jaymie1989
Join Date: Mar 2007
Location: Tech Support Forum, Online - Otherwise Brighton, United Kingdom
Posts: 2,186
OS: Dual Booting - Windows XP Home Edition SP2 & Vista Home Premium

Re: Possible Threat

Hi,

Thanks for this.

Jotti's Results are
Quote:
Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1

File: WinXpUpdate32.exe
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5: 82b4b84dfaacd97814f947bf0d1026b7
Packers detected: -
Bit9 reports: File not found

Scanner results
Scan taken on 07 Aug 2007 04:03:03 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found Win32:SdBot-3700
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Shame I cannot scan my whole computer like that.

VirusTotal's Results

Quote:
File WinXpUpdate32.exe received on 08.07.2007 06:02:29 (CET)
Result: 4/32 (12.5%)
Antivirus Version Last Update Result
AhnLab-V3 2007.8.3.0 2007.08.07 -
AntiVir 7.4.0.57 2007.08.06 -
Authentium 4.93.8 2007.08.06 -
Avast 4.7.1029.0 2007.08.06 Win32:SdBot-3700
AVG 7.5.0.476 2007.08.06 -
BitDefender 7.2 2007.08.07 -
CAT-QuickHeal 9.00 2007.08.06 -
ClamAV 0.91 2007.08.07 -
DrWeb 4.33 2007.08.07 -
eSafe 7.0.15.0 2007.07.31 -
eTrust-Vet 31.1.5039 2007.08.07 -
Ewido 4.0 2007.08.06 -
FileAdvisor 1 2007.08.07 -
Fortinet 2.91.0.0 2007.08.07 -
F-Prot 4.3.2.48 2007.08.03 -
F-Secure 6.70.13030.0 2007.08.07 -
Ikarus T3.1.1.8 2007.08.06 Backdoor.VB.EV
Kaspersky 4.0.2.24 2007.08.07 -
McAfee 5091 2007.08.06 -
Microsoft 1.2704 2007.08.07 -
NOD32v2 2440 2007.08.06 -
Norman 5.80.02 2007.08.06 -
Panda 9.0.0.4 2007.08.06 -
Prevx1 V2 2007.08.07 -
Rising 19.35.10.00 2007.08.07 -
Sophos 4.19.0 2007.08.01 -
Sunbelt 2.2.907.0 2007.08.04 VIPRE.Suspicious
Symantec 10 2007.08.07 -
TheHacker 6.1.7.163 2007.08.07 -
VBA32 3.12.2.2 2007.08.04 -
VirusBuster 4.3.26:9 2007.08.06 -
Webwasher-Gateway 6.0.1 2007.08.07 Win32.Malware.gen (suspicious)
Additional information
File size: 2194944 bytes
MD5: 82b4b84dfaacd97814f947bf0d1026b7
SHA1: 4f07679c4a901b723333db00045555b145deeb73
packers: Themida
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
Hope it helps.