_install.exe noskrnl.exe - not detectable by Avast

Viruses and worms
1

_install.exe spreads yourself through shared directories in LAN
and noskrnl.exe process shows internet activity.

I upload now _intstall.exe

ADMIN: Never ever post viruses here!

2

Any samples should be sent directly to avast, see below. Have you upload this virus sample attached to your post, but changed the .exe to .jpg to get around the permitted file types, then you should remove the attachment from your post to avoid accidental exposure. We don’t post direct links to suspect files much less actually post them on the forums, please remove it and submit the sample.

Send the sample to virus@avast.com zipped and password protected with the password in email body and undetected malware in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.

3

don’t post active viruses or links to them here… edit your post and cut off the attachment, pls.

4

Update.

File _install.exe received on 11.08.2007 15:53:05 (CET) Antivirus Version Last Update Result AhnLab-V3 2007.11.9.0 2007.11.08 - AntiVir 7.6.0.34 2007.11.08 WORM/Zhelatin.Gen Authentium 4.93.8 2007.11.07 W32/StormWorm.H Avast 4.7.1074.0 2007.11.08 - AVG 7.5.0.503 2007.11.08 Downloader.Tibs BitDefender 7.2 2007.11.08 Trojan.Peed.INS CAT-QuickHeal 9.00 2007.11.08 (Suspicious) - DNAScan ClamAV 0.91.2 2007.11.08 Trojan.Peed-45 DrWeb 4.44.0.09170 2007.11.08 Trojan.Packed.205 eSafe 7.0.15.0 2007.11.06 Suspicious File eTrust-Vet 31.2.5278 2007.11.07 Win32/Sintun.AM Ewido 4.0 2007.11.08 - FileAdvisor 1 2007.11.08 - Fortinet 3.11.0.0 2007.10.19 - F-Prot 4.4.2.54 2007.11.07 W32/StormWorm.H F-Secure 6.70.13030.0 2007.11.08 Packed.Win32.Tibs.dn Ikarus T3.1.1.12 2007.11.08 Trojan-Downloader.Win32.Tibs.pf Kaspersky 7.0.0.125 2007.11.08 Packed.Win32.Tibs.dn McAfee 5158 2007.11.07 Tibs-Packed Microsoft 1.3007 2007.11.08 Trojan:Win32/Tibs.EV NOD32v2 2646 2007.11.08 probably unknown NewHeur_PE virus Norman 5.80.02 2007.11.08 - Panda 9.0.0.4 2007.11.07 - Rising 20.17.32.00 2007.11.08 - Sophos 4.23.0 2007.11.08 Mal/Dorf-F Sunbelt 2.2.907.0 2007.11.07 - Symantec 10 2007.11.08 Trojan.Peacomm.D TheHacker 6.2.9.119 2007.11.07 - VBA32 3.12.2.4 2007.11.08 - VirusBuster 4.3.26:9 2007.11.07 - Webwasher-Gateway 6.0.1 2007.11.08 Worm.Zhelatin.Gen Additional information File size: 126826 bytes MD5: 35ee47b5307d15cfcbf9146e39664a5f SHA1: 31a8b50b1c3c0ed8fd31d90c3f897e1bdcc15588

I have uploaded this sample using my forum profile email address.

5

Ok I got it.
In fact I expected the virus sumbmission form on the website or some info (Davider provided).
But I haven’t found any.

6

There currently isn’t an on-line submission, only the methods I mentioned.

Welcome to the forums.