Tech Support Forum - View Single Post

simzlol · 10-09-2008, 04:15 PM

File jilapmhc.exe received on 10.10.2008 00:12:08 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.10.10.0 2008.10.09 -
AntiVir 7.8.1.34 2008.10.09 TR/Obfuscated.GX.2150
Authentium 5.1.0.4 2008.10.09 -
Avast 4.8.1248.0 2008.10.09 Win32:PureMorph
AVG 8.0.0.161 2008.10.09 Generic11.ARNH
BitDefender 7.2 2008.10.09 -
CAT-QuickHeal 9.50 2008.10.08 Win32.Trojan.Obfuscated.gx.3
ClamAV 0.93.1 2008.10.09 -
DrWeb 4.44.0.09170 2008.10.09 -
eSafe 7.0.17.0 2008.10.08 -
eTrust-Vet 31.6.6139 2008.10.09 -
Ewido 4.0 2008.10.09 -
F-Prot 4.4.4.56 2008.10.09 -
F-Secure 8.0.14332.0 2008.10.09 Trojan.Win32.Obfuscated.gx
Fortinet 3.113.0.0 2008.10.09 W32/PolySmall.BP!tr
GData 19 2008.10.10 Win32:PureMorph
Ikarus T3.1.1.34.0 2008.10.09 Trojan.Win32.Obfuscated.gx
K7AntiVirus 7.10.489 2008.10.09 -
Kaspersky 7.0.0.125 2008.10.09 Trojan.Win32.Obfuscated.gx
McAfee 5402 2008.10.09 FakeAlert-BD
Microsoft 1.4005 2008.10.09 Trojan:Win32/Busky.EI
NOD32 3509 2008.10.10 a variant of Win32/TrojanDownloader.FakeAlert.IQ
Norman 5.80.02 2008.10.09 W32/Busky.DJJE
Panda 9.0.0.4 2008.10.09 Adware/Lop
PCTools 4.4.2.0 2008.10.09 -
Prevx1 V2 2008.10.10 Cloaked Malware
Rising 20.65.32.00 2008.10.09 -
SecureWeb-Gateway 6.7.6 2008.10.09 Trojan.Obfuscated.GX.2150
Sophos 4.34.0 2008.10.09 Mal/Generic-A
Sunbelt 3.1.1708.1 2008.10.09 Trojan.Win32.Obfuscated.gx
Symantec 10 2008.10.09 -
TheHacker 6.3.1.0.104 2008.10.09 -
TrendMicro 8.700.0.1004 2008.10.09 -
VBA32 3.12.8.6 2008.10.09 Trojan.Win32.Obfuscated.gx
ViRobot 2008.10.9.1414 2008.10.09 -
VirusBuster 4.5.11.0 2008.10.09 -
Additional information
File size: 94208 bytes
MD5...: 6dc9e125540c1f9a0c94e95d22da3966
SHA1..: c2b479306e8afb346edfe11562d0a0c19cb07e42
SHA256: a1971b8d541c4c91d9d1800ecedce0f015731b5b0f7757dd950766cb1b56e47c
SHA512: 227e11ad1de3ce50b5460b66b6c3ccb645347c12cc2fb5d3c6c6ce182e31864b 507bcd24d844e2c55666d3d5195f6b04f1613397f1d71c701942f37e063d3b53
PEiD..: -
TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x403c4e timedatestamp.....: 0x48e8909a (Sun Oct 05 10:02:02 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .iopyu 0x1000 0x139d2 0x14000 6.86 ce301c1159b1d8e7c94ff35640f528cb .dvvxn 0x15000 0x25e 0x1000 1.14 15a7823aa42effba74a031402fb4eccd .cpjk 0x16000 0x5a00 0x1000 0.56 8670dbc9c3a9b3d71303dd7edb4b4ecc ( 1 imports ) > KERNEL32.dll: GetLastError, GetLogicalDrives, ResumeThread, ReadProcessMemory, SetLastError, ResetEvent, GetCurrentProcessId, SetFilePointer, DeleteFileW, GetFileAttributesW, VirtualFree, LoadLibraryA, GetFileAttributesExW, MultiByteToWideChar, GlobalFree, GlobalAlloc, GetProcAddress, GlobalLock, InterlockedDecrement, GetCurrentThreadId, GetLocalTime ( 0 exports ) 
Prevx info: http://info.prevx.com/aboutprogramte...4E3F005180250F

Antivirus;Version;Last Update;Result
AhnLab-V3;2008.10.10.0;2008.10.09;-
AntiVir;7.8.1.34;2008.10.09;TR/Obfuscated.GX.2150
Authentium;5.1.0.4;2008.10.09;-
Avast;4.8.1248.0;2008.10.09;Win32:PureMorph
AVG;8.0.0.161;2008.10.09;Generic11.ARNH
BitDefender;7.2;2008.10.09;-
CAT-QuickHeal;9.50;2008.10.08;Win32.Trojan.Obfuscated.gx.3
ClamAV;0.93.1;2008.10.09;-
DrWeb;4.44.0.09170;2008.10.09;-
eSafe;7.0.17.0;2008.10.08;-
eTrust-Vet;31.6.6139;2008.10.09;-
Ewido;4.0;2008.10.09;-
F-Prot;4.4.4.56;2008.10.09;-
F-Secure;8.0.14332.0;2008.10.09;Trojan.Win32.Obfuscated.gx
Fortinet;3.113.0.0;2008.10.09;W32/PolySmall.BP!tr
GData;19;2008.10.10;Win32:PureMorph
Ikarus;T3.1.1.34.0;2008.10.09;Trojan.Win32.Obfuscated.gx
K7AntiVirus;7.10.489;2008.10.09;-
Kaspersky;7.0.0.125;2008.10.09;Trojan.Win32.Obfuscated.gx
McAfee;5402;2008.10.09;FakeAlert-BD
Microsoft;1.4005;2008.10.09;Trojan:Win32/Busky.EI
NOD32;3509;2008.10.10;a variant of Win32/TrojanDownloader.FakeAlert.IQ
Norman;5.80.02;2008.10.09;W32/Busky.DJJE
Panda;9.0.0.4;2008.10.09;Adware/Lop
PCTools;4.4.2.0;2008.10.09;-
Prevx1;V2;2008.10.10;Cloaked Malware
Rising;20.65.32.00;2008.10.09;-
SecureWeb-Gateway;6.7.6;2008.10.09;Trojan.Obfuscated.GX.2150
Sophos;4.34.0;2008.10.09;Mal/Generic-A
Sunbelt;3.1.1708.1;2008.10.09;Trojan.Win32.Obfuscated.gx
Symantec;10;2008.10.09;-
TheHacker;6.3.1.0.104;2008.10.09;-
TrendMicro;8.700.0.1004;2008.10.09;-
VBA32;3.12.8.6;2008.10.09;Trojan.Win32.Obfuscated.gx
ViRobot;2008.10.9.1414;2008.10.09;-
VirusBuster;4.5.11.0;2008.10.09;-

Additional information
File size: 94208 bytes
MD5...: 6dc9e125540c1f9a0c94e95d22da3966
SHA1..: c2b479306e8afb346edfe11562d0a0c19cb07e42
SHA256: a1971b8d541c4c91d9d1800ecedce0f015731b5b0f7757dd950766cb1b56e47c
SHA512: 227e11ad1de3ce50b5460b66b6c3ccb645347c12cc2fb5d3c6c6ce182e31864b 507bcd24d844e2c55666d3d5195f6b04f1613397f1d71c701942f37e063d3b53
PEiD..: -
TrID..: File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x403c4e timedatestamp.....: 0x48e8909a (Sun Oct 05 10:02:02 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .iopyu 0x1000 0x139d2 0x14000 6.86 ce301c1159b1d8e7c94ff35640f528cb .dvvxn 0x15000 0x25e 0x1000 1.14 15a7823aa42effba74a031402fb4eccd .cpjk 0x16000 0x5a00 0x1000 0.56 8670dbc9c3a9b3d71303dd7edb4b4ecc ( 1 imports ) > KERNEL32.dll: GetLastError, GetLogicalDrives, ResumeThread, ReadProcessMemory, SetLastError, ResetEvent, GetCurrentProcessId, SetFilePointer, DeleteFileW, GetFileAttributesW, VirtualFree, LoadLibraryA, GetFileAttributesExW, MultiByteToWideChar, GlobalFree, GlobalAlloc, GetProcAddress, GlobalLock, InterlockedDecrement, GetCurrentThreadId, GetLocalTime ( 0 exports ) 
Prevx info: http://info.prevx.com/aboutprogramte...4E3F005180250F

10-09-2008, 04:15 PM	#21 (permalink)
simzlol Registered User Join Date: Apr 2008 Posts: 30 OS: windows xp	Re: "windows secuirty alret" popup File jilapmhc.exe received on 10.10.2008 00:12:08 (CET) Antivirus Version Last Update Result AhnLab-V3 2008.10.10.0 2008.10.09 - AntiVir 7.8.1.34 2008.10.09 TR/Obfuscated.GX.2150 Authentium 5.1.0.4 2008.10.09 - Avast 4.8.1248.0 2008.10.09 Win32:PureMorph AVG 8.0.0.161 2008.10.09 Generic11.ARNH BitDefender 7.2 2008.10.09 - CAT-QuickHeal 9.50 2008.10.08 Win32.Trojan.Obfuscated.gx.3 ClamAV 0.93.1 2008.10.09 - DrWeb 4.44.0.09170 2008.10.09 - eSafe 7.0.17.0 2008.10.08 - eTrust-Vet 31.6.6139 2008.10.09 - Ewido 4.0 2008.10.09 - F-Prot 4.4.4.56 2008.10.09 - F-Secure 8.0.14332.0 2008.10.09 Trojan.Win32.Obfuscated.gx Fortinet 3.113.0.0 2008.10.09 W32/PolySmall.BP!tr GData 19 2008.10.10 Win32:PureMorph Ikarus T3.1.1.34.0 2008.10.09 Trojan.Win32.Obfuscated.gx K7AntiVirus 7.10.489 2008.10.09 - Kaspersky 7.0.0.125 2008.10.09 Trojan.Win32.Obfuscated.gx McAfee 5402 2008.10.09 FakeAlert-BD Microsoft 1.4005 2008.10.09 Trojan:Win32/Busky.EI NOD32 3509 2008.10.10 a variant of Win32/TrojanDownloader.FakeAlert.IQ Norman 5.80.02 2008.10.09 W32/Busky.DJJE Panda 9.0.0.4 2008.10.09 Adware/Lop PCTools 4.4.2.0 2008.10.09 - Prevx1 V2 2008.10.10 Cloaked Malware Rising 20.65.32.00 2008.10.09 - SecureWeb-Gateway 6.7.6 2008.10.09 Trojan.Obfuscated.GX.2150 Sophos 4.34.0 2008.10.09 Mal/Generic-A Sunbelt 3.1.1708.1 2008.10.09 Trojan.Win32.Obfuscated.gx Symantec 10 2008.10.09 - TheHacker 6.3.1.0.104 2008.10.09 - TrendMicro 8.700.0.1004 2008.10.09 - VBA32 3.12.8.6 2008.10.09 Trojan.Win32.Obfuscated.gx ViRobot 2008.10.9.1414 2008.10.09 - VirusBuster 4.5.11.0 2008.10.09 - Additional information File size: 94208 bytes MD5...: 6dc9e125540c1f9a0c94e95d22da3966 SHA1..: c2b479306e8afb346edfe11562d0a0c19cb07e42 SHA256: a1971b8d541c4c91d9d1800ecedce0f015731b5b0f7757dd950766cb1b56e47c SHA512: 227e11ad1de3ce50b5460b66b6c3ccb645347c12cc2fb5d3c6c6ce182e31864b<br>507bcd24d844e2c55666d3d5195f6b04f1613397f1d71c701942f37e063d3b53 PEiD..: - TrID..: File type identification<br>Win32 Executable Generic (42.3%)<br>Win32 Dynamic Link Library (generic) (37.6%)<br>Generic Win/DOS Executable (9.9%)<br>DOS Executable Generic (9.9%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x403c4e<br>timedatestamp.....: 0x48e8909a (Sun Oct 05 10:02:02 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.iopyu 0x1000 0x139d2 0x14000 6.86 ce301c1159b1d8e7c94ff35640f528cb<br>.dvvxn 0x15000 0x25e 0x1000 1.14 15a7823aa42effba74a031402fb4eccd<br>.cpjk 0x16000 0x5a00 0x1000 0.56 8670dbc9c3a9b3d71303dd7edb4b4ecc<br><br>( 1 imports ) <br>> KERNEL32.dll: GetLastError, GetLogicalDrives, ResumeThread, ReadProcessMemory, SetLastError, ResetEvent, GetCurrentProcessId, SetFilePointer, DeleteFileW, GetFileAttributesW, VirtualFree, LoadLibraryA, GetFileAttributesExW, MultiByteToWideChar, GlobalFree, GlobalAlloc, GetProcAddress, GlobalLock, InterlockedDecrement, GetCurrentThreadId, GetLocalTime<br><br>( 0 exports ) <br> Prevx info: http://info.prevx.com/aboutprogramte...4E3F005180250F Antivirus;Version;Last Update;Result AhnLab-V3;2008.10.10.0;2008.10.09;- AntiVir;7.8.1.34;2008.10.09;TR/Obfuscated.GX.2150 Authentium;5.1.0.4;2008.10.09;- Avast;4.8.1248.0;2008.10.09;Win32:PureMorph AVG;8.0.0.161;2008.10.09;Generic11.ARNH BitDefender;7.2;2008.10.09;- CAT-QuickHeal;9.50;2008.10.08;Win32.Trojan.Obfuscated.gx.3 ClamAV;0.93.1;2008.10.09;- DrWeb;4.44.0.09170;2008.10.09;- eSafe;7.0.17.0;2008.10.08;- eTrust-Vet;31.6.6139;2008.10.09;- Ewido;4.0;2008.10.09;- F-Prot;4.4.4.56;2008.10.09;- F-Secure;8.0.14332.0;2008.10.09;Trojan.Win32.Obfuscated.gx Fortinet;3.113.0.0;2008.10.09;W32/PolySmall.BP!tr GData;19;2008.10.10;Win32:PureMorph Ikarus;T3.1.1.34.0;2008.10.09;Trojan.Win32.Obfuscated.gx K7AntiVirus;7.10.489;2008.10.09;- Kaspersky;7.0.0.125;2008.10.09;Trojan.Win32.Obfuscated.gx McAfee;5402;2008.10.09;FakeAlert-BD Microsoft;1.4005;2008.10.09;Trojan:Win32/Busky.EI NOD32;3509;2008.10.10;a variant of Win32/TrojanDownloader.FakeAlert.IQ Norman;5.80.02;2008.10.09;W32/Busky.DJJE Panda;9.0.0.4;2008.10.09;Adware/Lop PCTools;4.4.2.0;2008.10.09;- Prevx1;V2;2008.10.10;Cloaked Malware Rising;20.65.32.00;2008.10.09;- SecureWeb-Gateway;6.7.6;2008.10.09;Trojan.Obfuscated.GX.2150 Sophos;4.34.0;2008.10.09;Mal/Generic-A Sunbelt;3.1.1708.1;2008.10.09;Trojan.Win32.Obfuscated.gx Symantec;10;2008.10.09;- TheHacker;6.3.1.0.104;2008.10.09;- TrendMicro;8.700.0.1004;2008.10.09;- VBA32;3.12.8.6;2008.10.09;Trojan.Win32.Obfuscated.gx ViRobot;2008.10.9.1414;2008.10.09;- VirusBuster;4.5.11.0;2008.10.09;- Additional information File size: 94208 bytes MD5...: 6dc9e125540c1f9a0c94e95d22da3966 SHA1..: c2b479306e8afb346edfe11562d0a0c19cb07e42 SHA256: a1971b8d541c4c91d9d1800ecedce0f015731b5b0f7757dd950766cb1b56e47c SHA512: 227e11ad1de3ce50b5460b66b6c3ccb645347c12cc2fb5d3c6c6ce182e31864b<br>507bcd24d844e2c55666d3d5195f6b04f1613397f1d71c701942f37e063d3b53 PEiD..: - TrID..: File type identification<br>Win32 Executable Generic (42.3%)<br>Win32 Dynamic Link Library (generic) (37.6%)<br>Generic Win/DOS Executable (9.9%)<br>DOS Executable Generic (9.9%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x403c4e<br>timedatestamp.....: 0x48e8909a (Sun Oct 05 10:02:02 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.iopyu 0x1000 0x139d2 0x14000 6.86 ce301c1159b1d8e7c94ff35640f528cb<br>.dvvxn 0x15000 0x25e 0x1000 1.14 15a7823aa42effba74a031402fb4eccd<br>.cpjk 0x16000 0x5a00 0x1000 0.56 8670dbc9c3a9b3d71303dd7edb4b4ecc<br><br>( 1 imports ) <br>> KERNEL32.dll: GetLastError, GetLogicalDrives, ResumeThread, ReadProcessMemory, SetLastError, ResetEvent, GetCurrentProcessId, SetFilePointer, DeleteFileW, GetFileAttributesW, VirtualFree, LoadLibraryA, GetFileAttributesExW, MultiByteToWideChar, GlobalFree, GlobalAlloc, GetProcAddress, GlobalLock, InterlockedDecrement, GetCurrentThreadId, GetLocalTime<br><br>( 0 exports ) <br> Prevx info: http://info.prevx.com/aboutprogramte...4E3F005180250F