polonus
1
Trojan.Gen
File name: c:\nismanager\data\9a052e33-be68-44d3-b5ca-f05727f533c2_243673069\get.php
Location: htxp://97.93.206.182/get.php?p=qJK51tK9D_ruZVXGD_rkbUUEEYY-gD4D&i=t1&r=MGGZ_i_h_hPW-gEWI-gWYR-gTO_hF_hXX_hGW_9FDG-uW
See: http://www.virustotal.com/file-scan/report.html?id=a18bda4c8e542cee8d19ecbd329060ec3cf9960eb1d04be515250485b32f1664-1298298990
and
Threat Name: Trojan.Gen
File name: c:\nismanager\data\2350275b-1365-4787-98e6-03a6ca4f7094_1936411850\get.php
Location: htxp://97.93.206.182/get.php?p=qJK51tK9D_ruZVXGD_rkbTIQOYI-gD4D&i=t1&r=MGGZ_i_h_hPW-gEWI-gWYR-gTO_hF_hX5_hGW_9FDG-uW
See: get.php : http://www.virustotal.com/file-scan/report.html?id=a18bda4c8e542cee8d19ecbd329060ec3cf9960eb1d04be515250485b32f1664-1298299256
polonus
Left123
2
Did you send the samples to avast lab?
I missed that kind of topic from you ;D, glad to see you again here.
Phil
Pondus
3
Both files are the same, same MD5 on VT
polonus
4
Hi Pondus,
htxp://97.93.206.182/get.php?p=qJK51tK9D_ruZVXGD_rkbUUEEYY-gD4D&i=t1&r=MGGZ_i_h_hPW-gEWI-gWYR-gTO_hF_hXX_hGW_9FDG-uW
The avast Network Shield blocks the object as URL:Mal
But virustotal does not have that:
http://www.virustotal.com/file-scan/report.html?id=a18bda4c8e542cee8d19ecbd329060ec3cf9960eb1d04be515250485b32f1664-1298303754 (for Trojan.Win32.Searches.oy)
But certainly will have this on a re-scan, so there is detection for it, and we are secure…
polonus