I got the virus hit trying to download an update for my tablet PC.

Avast 4.7 Home edition

file download attempt:
http://www.fujitsupc.com/downloads/mobile/Fujitsu_Button_Utilities_Update_V1.0.0.1.exe

http://virusscan.jotti.org/ output

File: Fujitsu_Button_Utilities_Update_V1.0.0.1.exe
Status:
POSSIBLY INFECTED/MALWARE (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 b880bbb230acde3d1ba8c33fe8393cb4
Packers detected:

Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found Win32:Trojan-gen. {VC}
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VirusBuster Found nothing
VBA32 Found nothing

Let me know if you need the file.

Regards,

Dan Garber

Seems a false positive…

Why avast! seems to generate more false positive? Have the Trojan-gen.xxx signatures been added into VPS recently?

avast! indentified some of my e-book as a trojan, I think it’s a false positive. This file was sent to Alwil for fixing.

TAP, when exactly did you send it?

It was today on local time appox. 12 AM, time zone (GMT+7) Bangkok, Hanoi, Jakarta. I sent a file called “Understanding_Computer_Security.exe” via Virus Chest.

Strange, we can’t find it. Can you please send it to my e-mail?
Thanks!

I think I know the reason, file size is exceeded the limitation of my SMTP server so it cannot be sent. I uploaded a file called “Understanding_Computer_Security.exe” to ftp://ftp.asw.cz, please check it out.

So please Alwil team, web-based malware sample submission is the way to go for solve such this and other problems.

the first file could be a virus:

Complete scanning result of “Fujitsu_Button_Utilities_Update_V”, received in VirusTotal at 05.12.2006, 11:53:50 (CET).

Antivirus Version Update Result
AntiVir 6.34.1.27 05.12.2006 no virus found
Avast 4.6.695.0 05.11.2006 Win32:Trojan-gen. {VC}
AVG 386 05.11.2006 no virus found
BitDefender 7.2 05.12.2006 no virus found
CAT-QuickHeal 8.00 05.11.2006 no virus found
ClamAV devel-20060426 05.11.2006 no virus found
DrWeb 4.33 05.12.2006 no virus found
eTrust-InoculateIT 23.72.6 05.12.2006 no virus found
eTrust-Vet 12.4.2207 05.12.2006 no virus found
Ewido 3.5 05.12.2006 no virus found
Fortinet 2.76.0.0 05.12.2006 no virus found
F-Prot 3.16c 05.11.2006 no virus found
Ikarus 0.2.65.0 05.11.2006 Net-Worm.Win32.Muma.F
Kaspersky 4.0.2.24 05.12.2006 no virus found
McAfee 4760 05.11.2006 no virus found
Microsoft 1.1372 05.12.2006 no virus found
NOD32v2 1.1533 05.12.2006 no virus found
Norman 5.90.17 05.11.2006 no virus found
Panda 9.0.0.4 05.11.2006 no virus found
Sophos 4.05.0 05.12.2006 no virus found
Symantec 8.0 05.12.2006 no virus found
TheHacker 5.9.7.142 05.12.2006 W32/Muma.f
UNA 1.83 05.11.2006 no virus found
VBA32 3.11.0 05.11.2006 no virus found

Aditional Information
File size: 279242 bytes
MD5: b880bbb230acde3d1ba8c33fe8393cb4
SHA1: cf46de32090d0d534fd59b9bf79aebe831cfc137
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.