Re: Is this a security threat



From: "Liron" <Liron@xxxxxxxxxxxxxxxxxxxxxxxxx>

< snip >

| onto my computer.
|
| The name of the program that was offered to me in the dialog windows was
| DriveCleaner. The file which was detected by my antivirus program was
| installdrivecleanerstart.cab and was located in the Temporary Internet Files
| folder.

Files are not "installed" in the temporary internet files (TIF) or Browser cache.
The files are cached from accessing web sites.

DriveCleaner is malware. I just submitted an installer for it a little while ago. Below is
a Virus Total report for that installer. Your "un-named" anti virus software did its job.
Hopefully you didn't go ahead and believe this web site's bullsh!t and install DriveCleaner.

Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

Perform a complete scan of your computer using your "un-named" anti virus software.


Complete scanning result of "installdrivecleanerstart.exe", processed in VirusTotal at
12/22/2006 00:07:55 (CET).

[ file data ]
* name: installdrivecleanerstart.exe
* size: 120528
* md5.: 653a71be0689341b2b1a452ee551cdbc
* sha1: c0e8339c219fa51ef56cf70ab31e55c37e4b83c9

[ scan result ]
AntiVir 7.3.0.21/20061221 found nothing
Authentium 4.93.8/20061221 found [Possibly a new variant of
W32/Behavior:SelfStarterInternetTrojan!Maximus]
Avast 4.7.892.0/20061221 found nothing
AVG 386/20061221 found nothing
BitDefender 7.2/20061221 found [Application.DriveCleaner.E]
CAT-QuickHeal 8.00/20061221 found nothing
ClamAV devel-20060426/20061221 found nothing
DrWeb 4.33/20061221 found [Trojan.DownLoader.13909]
eSafe 7.0.14.0/20061221 found [Win32.Agent.axb]
eTrust-InoculateIT 23.73.93/20061221 found nothing
eTrust-Vet 30.3.3268/20061221 found nothing
Ewido 4.0/20061221 found [Adware.DriveCleaner]
F-Prot 3.16f/20061221 found [Possibly a new variant of
W32/Behavior:SelfStarterInternetTrojan!Maximus]
F-Prot4 4.2.1.29/20061221 found [W32/Behavior:SelfStarterInternetTrojan!Maximus]
Fortinet 2.82.0.0/20061221 found [Misc/DriveCleaner]
Ikarus T3.1.0.27/20061221 found [Win32.SuspectCrc]
Kaspersky 4.0.2.24/20061221 found nothing
McAfee 4924/20061221 found [potentially unwanted program DriveCleaner]
Microsoft 1.1904/20061221 found nothing
NOD32v2 1934/20061221 found [a variant of Win32/Adware.WinFixer]
Norman 5.80.02/20061221 found nothing
Panda 9.0.0.4/20061221 found [Application/DriveCleaner]
Prevx1 V2/20061222 found [Rogue.Drive.Cleaner]
Sophos 4.12.0/20061221 found nothing
Sunbelt 2.2.907.0/20061218 found [Drivecleaner Inc (v)]
TheHacker 6.0.3.135/20061220 found nothing
UNA 1.83/20061221 found nothing
VBA32 3.11.1/20061221 found [Trojan.DownLoader.13909]
VirusBuster 4.3.19:9/20061221 found nothing

[ notes ]
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=7d6a39933965


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

