This popular flash site is a trojan backdoor not detected by Avast, only by Kaspersky and Nod32.
[Link to malware removed by ADMINISTRATOR. Thanks for understanding]
Warning: trojan site
Avast was advised, but didn't get an update for it.
Please modify the link so that it is unclickable: put spaces around the www or delete the dots, because unfortunately someone will click it and may get infected… Ta
Hi, welcome Aesp.
Certainly a rich blend of viruses available there. Servers on Pacific islands (this one is Samoa, isn't it?) are often abused by cybercriminals. Their actual location may be anywhere in the world.
That web site:
Antivirus Version Update Result
AntiVir 6.31.1.0 09.09.2005 no virus found
Avast 4.6.695.0 09.09.2005 no virus found
AVG 718 09.10.2005 no virus found
Avira 6.31.1.0 09.09.2005 no virus found
BitDefender 7.0 09.02.2005 no virus found
CAT-QuickHeal 8.00 09.10.2005 no virus found
ClamAV devel-20050725 09.11.2005 no virus found
DrWeb 4.32b 09.11.2005 no virus found
eTrust-Iris 7.1.194.0 09.09.2005 no virus found
eTrust-Vet 11.9.1.0 09.09.2005 no virus found
Fortinet 2.41.0.0 09.07.2005 no virus found
F-Prot 3.16c 09.09.2005 no virus found
Ikarus 0.2.59.0 09.09.2005 no virus found
Kaspersky 4.0.2.24 09.11.2005 no virus found
McAfee 4578 09.09.2005 no virus found
NOD32v2 1.1213 09.09.2005 no virus found
Norman 5.70.10 09.09.2005 no virus found
Panda 8.02.00 09.11.2005 no virus found
Sophos 3.97.0 09.10.2005 no virus found
Symantec 8.0 09.10.2005 no virus found
TheHacker 5.8.2.103 09.10.2005 no virus found
VBA32 3.10.4 09.09.2005 no virus found
www.virustotal.com :: @ Hispasec Sistemas 2004 :: e-mail info@virustotal.com
I’m not sure, but won’t virustotal be limited to files and not websites?
Hi.
If you visit the website, it tries to automatically download a file when you click on the icon in the first webpage.
This looks like a flash.exe file but is detected by Nod32 and KAV as malicious.
Here are Jotti's results on the file.
Cheers
Jlo
File: baratinha.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file’s scan results will not be stored in the database)
MD5 61bd7530cbabba8973327d2538d05007
Packers detected: PETITE
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Dropper.Win32.Delf.my
NOD32 Found probably unknown NewHeur_PE (probable variant)
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing
I went to that page and as soon as I arrived it tried to download an exe file. As I use a download manager I could stop it immediately. I only download what I want, not at some website's whim. But for an inexperienced user it could be downright lethal.
Too bad!
NewHeur cannot be removed as far as I know. Reformat and re-install.
Please remove that link or corrupt it:
New scan at www.virustotal.com:
AntiVir 6.31.1.0 09.12.2005 no virus found
Avast 4.6.695.0 09.12.2005 no virus found
AVG 718 09.12.2005 Dropper.Delf.4.BH
Avira 6.31.1.0 09.12.2005 no virus found
BitDefender 7.0 09.02.2005 no virus found
CAT-QuickHeal 8.00 09.12.2005 no virus found
ClamAV devel-20050725 09.12.2005 no virus found
DrWeb 4.32b 09.12.2005 Trojan.MulDrop.2666
eTrust-Iris 7.1.194.0 09.12.2005 Win32/Barata!Dropper
eTrust-Vet 11.9.1.0 09.12.2005 no virus found
Fortinet 2.41.0.0 09.07.2005 no virus found
F-Prot 3.16c 09.12.2005 no virus found
Ikarus 0.2.59.0 09.12.2005 no virus found
Kaspersky 4.0.2.24 09.12.2005 Trojan-Dropper.Win32.Delf.my
McAfee 4579 09.12.2005 no virus found
NOD32v2 1.1213 09.09.2005 probably unknown NewHeur_PE virus
Norman 5.70.10 09.12.2005 no virus found
Panda 8.02.00 09.12.2005 no virus found
Sophos 3.97.0 09.12.2005 no virus found
Symantec 8.0 09.11.2005 no virus found
TheHacker 5.8.2.105 09.12.2005 no virus found
VBA32 3.10.4 09.12.2005 Trojan-Dropper.Win32.Delf.my
Maybe Ewido Security Suite, specially designed to tackle Trojans,
http://www.ewido.net/en/features/
could get rid of it. You may download the program for a 14-day trial.
TrojanHunter is another powerful program to do this.
WARNING! This might result in a system crash and the computer refusing to shut down. Switch off and start up again. Windows will (hopefully) repair itself.
Hi Aesp,
I have found a description of this trojan dropper here:
http://wirusy.antivirenkit.pl/en/opis/Trojan-Dropper.Win32.Delf.cq.html. It is a pity it is only in Polish, but with Babelfish you can translate it.
polonus