Di0g00

Trojan?


Hi people.

I posted a rar in the Newest Malware Threats section.

http://forums.malwarebytes.org/index.php?showtopic=59962

I sent this to Microsoft and Eset, and Microsoft & Eset removed this from the database.

The Microsoft Malware Protection Center (MMPC) has investigated the following file(s) which we received on ...

Submission ID ...

Submitted Files

=============================================

TeknoGods_Beta13.zip [Not Malware]

+---ConnectionOverrideHamachi.reg [Not Malware]

+---ConnectionOverrideTunngle.reg [Not Malware]

+---DLLLoad.exe [Not Malware]

+---readme.txt [Not Malware]

+---TeknoGods.dll [Not Malware]

Malwarebytes added this to the database.

Is it a trojan or not?? Microsoft and Eset NOD32 say no, Malwarebytes says yes :)


There is only one file detected BTW.

The issue is that for reasons I have never understood a lot of these hacks are built/protected either just like malware or in very strange ways.

Just look at the mess the author has caused for himself:

File TeknoGods.dll received on 2010.08.08 20:58:12 (UTC)

Result: 33/41 (80.49%)

AhnLab-V3 2010.08.08.00 2010.08.07 Dropper/Clons.573952

AntiVir 8.2.4.34 2010.08.08 TR/Drop.Clons.els

Antiy-AVL 2.0.3.7 2010.08.06 Trojan/Win32.Clons.gen

Authentium 5.2.0.5 2010.08.08 W32/SuspPack.BB.gen!Eldorado

AVG 9.0.0.851 2010.08.08 Dropper.Generic.CEEE

BitDefender 7.2 2010.08.08 Trojan.Generic.4092670

CAT-QuickHeal 11.00 2010.08.07 TrojanDropper.Clons.els

DrWeb 5.0.2.03300 2010.08.08 Trojan.MulDrop1.32782

Emsisoft 5.0.0.36 2010.08.08 Trojan-Dropper.Win32.Clons!IK

F-Prot 4.6.1.107 2010.08.08 W32/SuspPack.BB.gen!Eldorado

F-Secure 9.0.15370.0 2010.08.07 Trojan.Generic.4092670

GData 21 2010.08.08 Trojan.Generic.4092670

Ikarus T3.1.1.84.0 2010.08.08 Trojan-Dropper.Win32.Clons

Jiangmin 13.0.900 2010.08.07 TrojanDropper.Clons.yh

Kaspersky 7.0.0.125 2010.08.08 Trojan-Dropper.Win32.Clons.els

McAfee 5.400.0.1158 2010.08.08 Generic Dropper!cul

McAfee-GW-Edition 2010.1 2010.08.08 Generic Dropper!cul

Microsoft 1.6004 2010.08.08 TrojanDropper:Win32/Dunik!rts

NOD32 5349 2010.08.07 probably a variant of Win32/Agent

Norman 6.05.11 2010.08.08 W32/Suspicious_Gen2.AEXBG

nProtect 2010-08-08.01 2010.08.08 Trojan/W32.Agent.573952.O

Panda 10.0.2.7 2010.08.08 Trj/Downloader.MDW

PCTools 7.0.3.5 2010.08.08 Adware.NewWeb

Prevx 3.0 2010.08.08 Medium Risk Malware

Rising 22.59.05.04 2010.08.07 Trojan.Win32.Generic.52020DF8

Sophos 4.56.0 2010.08.08 Mal/Generic-L

Sunbelt 6703 2010.08.08 Trojan.Win32.Generic!BT

Symantec 20101.1.1.7 2010.08.08 Adware.NewWeb

TrendMicro 9.120.0.1004 2010.08.08 TROJ_DROPPER.PJC

TrendMicro-HouseCall 9.120.0.1004 2010.08.08 TROJ_DROPPER.PJC

VBA32 3.12.12.8 2010.08.04 Trojan-Dropper.Win32.Clons.els

ViRobot 2010.7.29.3961 2010.08.08 Backdoor.Win32.S.Agent.573952

File size: 573952 bytes

MD5 : e9295993af884b0c65a035c5eaf06578

I can fix this but it won't do much good considering all of the other detections.


What?

Arquivo TeknoGods_Beta13.zip recebido em 2010.08.09 15:23:45 (UTC)

Andamento: terminado

Resultado: 29/41 (70.73%)

Modo compacto

Imprimir resultados

Antiv


Read my post again, there is only one file in the zip causing problems:

TeknoGods.dll


Ya, and Eset & Microsoft removed that file from the database. My NOD32 doesn't detect that file...


I fixed it as well but loads of other AVs still detect it so it won't help the reputation of the file itself.


I only downloaded this and my Eset detected this. I sent this to Eset, Microsoft, Malwarebytes to confirm if it is a trojan or not, and Eset & Microsoft removed that from the database, but Malwarebytes added this xD.

Sorry for my bad English.
