Nuevas variantes de FAKE TOOLS SYSTEM REPAIR
Recibidas cuatro diferentes variantes de esta familia, pasamos a controlarlas todas a partir del ELISTARA 23,73 de hoy
ofrecemos el informe del preanalisis de virusTotal sobre los dichas variantes
File name:
NDYRHQYLTQYAUP.EXE.Muestra EliStartPage v23.69
Submission date:
2011-08-23 10:38:13 (UTC)
Current status:
finished
Result:
26 /41 (63.4%)
VT Community
malware
Safety score: 0.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.00 2011.08.23 Trojan/Win32.Jorik
AntiVir 7.11.13.184 2011.08.23 –
Antiy-AVL 2.0.3.7 2011.08.23 Trojan/Win32.Jorik.gen
Avast 4.8.1351.0 2011.08.22 Win32:Kryptik-ECG [Trj]
Avast5 5.0.677.0 2011.08.22 Win32:Kryptik-ECG [Trj]
AVG 10.0.0.1190 2011.08.23 Generic24.GQL
BitDefender 7.2 2011.08.23 Gen:Variant.Kazy.33003
CAT-QuickHeal 11.00 2011.08.23 –
ClamAV 0.97.0.0 2011.08.23 –
Commtouch 5.3.2.6 2011.08.23 –
Comodo 9844 2011.08.23 UnclassifiedMalware
Emsisoft 5.1.0.10 2011.08.23 Trojan.Win32.Jorik!IK
eSafe 7.0.17.0 2011.08.22 –
eTrust-Vet 36.1.8516 2011.08.23 –
F-Prot 4.6.2.117 2011.08.22 –
F-Secure 9.0.16440.0 2011.08.23 Gen:Variant.Kazy.33003
Fortinet 4.2.257.0 2011.08.23 W32/Jorik.FR!tr
GData 22 2011.08.23 Gen:Variant.Kazy.33003
Ikarus T3.1.1.107.0 2011.08.23 Trojan.Win32.Jorik
Jiangmin 13.0.900 2011.08.22 Trojan/Jorik.joy
K7AntiVirus 9.110.5042 2011.08.22 –
Kaspersky 9.0.0.837 2011.08.23 Trojan.Win32.Jorik.Fraud.aky
McAfee 5.400.0.1158 2011.08.23 FakeAlert-SysDef.b
McAfee-GW-Edition 2010.1D 2011.08.22 FakeAlert-SysDef.b
Microsoft 1.7604 2011.08.23 Trojan:Win32/FakeSysdef
NOD32 6402 2011.08.23 a variant of Win32/Kryptik.RGR
Norman 6.07.10 2011.08.23 –
nProtect 2011-08-23.01 2011.08.23 Gen:Variant.Kazy.33003
Panda 10.0.3.5 2011.08.22 Trj/Genetic.gen
PCTools 8.0.0.5 2011.08.23 Trojan.FakeAV!rem
Prevx 3.0 2011.08.23 –
Rising 23.72.01.03 2011.08.23 –
Sophos 4.68.0 2011.08.23 Mal/FakeAV-LS
SUPERAntiSpyware 4.40.0.1006 2011.08.23 Trojan.Agent/Gen-FraudSoft
TheHacker 6.7.0.1.282 2011.08.22 Trojan/Jorik.Fraud.aky
TrendMicro 9.500.0.1008 2011.08.23 –
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 –
VBA32 3.12.16.4 2011.08.23 –
VIPRE 10247 2011.08.23 Trojan.Win32.Generic.pak!cobra
ViRobot 2011.8.23.4635 2011.08.23 –
VirusBuster 14.0.181.1 2011.08.22 Trojan.Kryptik!q/OKDob10r4
Additional information
MD5 : e09d607d70b3c86658f427df6d424b1f
SHA1 : 4d3a781da5f2e2ca9086287fa0f3da564cfb3a2d
SHA256: 7b585cabe88473b5ab5b7a6c8b898f5c29e5e3071e90b08275965b8210223f8b
File size : 403456 bytes
publisher….: CyberLink Corp.
copyright….: (c) CyberLink Corp. All rights reserved.
product……: PowerDirector
description..: PowerDirector
original name: PowerDirector.exe
internal name: PowerDirector
file version.: 8.00.3224
___________
File name:
P1KALMIG2KB7FZ.EXE.Muestra EliStartPage v23.69
Submission date:
2011-08-23 10:41:07 (UTC)
Current status:
finished
Result:
29 /44 (65.9%)
VT Community
malware
Safety score: 0.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.00 2011.08.23 Trojan/Win32.Jorik
AntiVir 7.11.13.184 2011.08.23 TR/Crypt.XPACK.Gen3
Antiy-AVL 2.0.3.7 2011.08.23 Trojan/Win32.Jorik.gen
Avast 4.8.1351.0 2011.08.22 Win32:Kryptik-ECG [Trj]
Avast5 5.0.677.0 2011.08.22 Win32:Kryptik-ECG [Trj]
AVG 10.0.0.1190 2011.08.23 Generic24.FOI
BitDefender 7.2 2011.08.23 Gen:Variant.Kazy.33003
ByteHero 1.0.0.1 2011.08.22 Trojan.Win32.Heur.Gen
CAT-QuickHeal 11.00 2011.08.23 –
ClamAV 0.97.0.0 2011.08.23 –
Commtouch 5.3.2.6 2011.08.23 –
Comodo 9844 2011.08.23 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2011.08.23 Trojan.Fakealert.23300
Emsisoft 5.1.0.10 2011.08.23 Trojan.Win32.Jorik!IK
eSafe 7.0.17.0 2011.08.22 –
eTrust-Vet 36.1.8516 2011.08.23 –
F-Prot 4.6.2.117 2011.08.22 –
F-Secure 9.0.16440.0 2011.08.23 Gen:Variant.Kazy.33003
Fortinet 4.2.257.0 2011.08.23 W32/Jorik.FR!tr
GData 22 2011.08.23 Gen:Variant.Kazy.33003
Ikarus T3.1.1.107.0 2011.08.23 Trojan.Win32.Jorik
Jiangmin 13.0.900 2011.08.22 Trojan/Jorik.joy
K7AntiVirus 9.110.5042 2011.08.22 –
Kaspersky 9.0.0.837 2011.08.23 Trojan.Win32.Jorik.Fraud.aof
McAfee 5.400.0.1158 2011.08.23 FakeAlert-SysDef.b
McAfee-GW-Edition 2010.1D 2011.08.22 FakeAlert-SysDef.b
Microsoft 1.7604 2011.08.23 Trojan:Win32/FakeSysdef
NOD32 6402 2011.08.23 a variant of Win32/Kryptik.RGR
Norman 6.07.10 2011.08.23 –
nProtect 2011-08-23.01 2011.08.23 Gen:Variant.Kazy.33003
Panda 10.0.3.5 2011.08.22 Trj/Genetic.gen
PCTools 8.0.0.5 2011.08.23 SecurityRisk.UltraDefragFraud!gen4
Prevx 3.0 2011.08.23 –
Rising 23.72.01.03 2011.08.23 –
Sophos 4.68.0 2011.08.23 Mal/FakeAV-LS
SUPERAntiSpyware 4.40.0.1006 2011.08.23 Trojan.Agent/Gen-FraudSoft
Symantec 20111.2.0.82 2011.08.23 UltraDefragFraud!gen4
TheHacker 6.7.0.1.282 2011.08.22 –
TrendMicro 9.500.0.1008 2011.08.23 –
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 –
VBA32 3.12.16.4 2011.08.23 –
VIPRE 10247 2011.08.23 Trojan.Win32.Jorik.Fraud.un (v)
ViRobot 2011.8.23.4635 2011.08.23 –
VirusBuster 14.0.181.1 2011.08.22 Trojan.Kryptik!zD/cPP1VisE
Additional information
MD5 : e53fa27d72d29c403f99cc7001837010
SHA1 : 69f4d0697bb31f1a18b2e5fe5343f15faff7c790
File size : 320512 bytes
publisher….: CyberLink Corp.
copyright….: (c) CyberLink Corp. All rights reserved.
product……: PowerDirector
description..: PowerDirector
original name: PowerDirector.exe
internal name: PowerDirector
file version.: 8.00.3224
____________
File name:
P1KALMIG2KB7FZ.EXE.Muestra EliStartPage v23.69
Submission date:
2011-08-23 08:22:51 (UTC)
Current status:
finished
Result:
37 /44 (84.1%)
VT Community
malware
Safety score: 0.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.00 2011.08.23 Win-Trojan/Fakeav.315904.BF
AntiVir 7.11.13.184 2011.08.23 TR/Crypt.XPACK.Gen3
Antiy-AVL 2.0.3.7 2011.08.23 Trojan/Win32.Jorik.gen
Avast 4.8.1351.0 2011.08.22 Win32:Kryptik-ECG [Trj]
Avast5 5.0.677.0 2011.08.22 Win32:Kryptik-ECG [Trj]
AVG 10.0.0.1190 2011.08.23 Generic24.FGA
BitDefender 7.2 2011.08.23 Trojan.Generic.KDV.311582
ByteHero 1.0.0.1 2011.08.22 Trojan.Win32.Heur.Gen
CAT-QuickHeal 11.00 2011.08.23 –
ClamAV 0.97.0.0 2011.08.23 –
Commtouch 5.3.2.6 2011.08.23 –
Comodo 9842 2011.08.23 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.08.23 Trojan.Fakealert.23300
Emsisoft 5.1.0.10 2011.08.23 Trojan.Win32.Jorik!IK
eSafe 7.0.17.0 2011.08.22 Win32.TRCrypt.XPACK
eTrust-Vet 36.1.8515 2011.08.22 –
F-Prot 4.6.2.117 2011.08.22 –
F-Secure 9.0.16440.0 2011.08.23 Trojan.Generic.KDV.311582
Fortinet 4.2.257.0 2011.08.23 W32/Jorik.FR!tr
GData 22 2011.08.23 Trojan.Generic.KDV.311582
Ikarus T3.1.1.107.0 2011.08.23 Trojan.Win32.Jorik
Jiangmin 13.0.900 2011.08.22 Trojan/Jorik.joy
K7AntiVirus 9.110.5042 2011.08.22 Trojan
Kaspersky 9.0.0.837 2011.08.23 Trojan.Win32.Jorik.Fraud.anl
McAfee 5.400.0.1158 2011.08.23 FakeAlert-SysDef.b
McAfee-GW-Edition 2010.1D 2011.08.22 FakeAlert-SysDef.b
Microsoft 1.7604 2011.08.23 Trojan:Win32/FakeSysdef
NOD32 6401 2011.08.23 a variant of Win32/Kryptik.RGR
Norman 6.07.10 2011.08.22 W32/Suspicious_Gen2.NXNKG
nProtect 2011-08-23.01 2011.08.23 Gen:Variant.Kazy.33003
Panda 10.0.3.5 2011.08.22 Trj/Genetic.gen
PCTools 8.0.0.5 2011.08.23 Trojan.Gen
Prevx 3.0 2011.08.23 –
Rising 23.71.03.03 2011.08.18 –
Sophos 4.68.0 2011.08.23 Mal/FakeAV-LS
SUPERAntiSpyware 4.40.0.1006 2011.08.23 Trojan.Agent/Gen-FraudSoft
Symantec 20111.2.0.82 2011.08.23 Trojan.Gen
TheHacker 6.7.0.1.282 2011.08.22 Trojan/Jorik.Fraud.anl
TrendMicro 9.500.0.1008 2011.08.17 TROJ_GEN.RC1C2H8
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 TROJ_GEN.RC1C2H8
VBA32 3.12.16.4 2011.08.23 Trojan.Jorik.Fraud.anl
VIPRE 10247 2011.08.23 Trojan.Win32.Jorik.Fraud.un (v)
ViRobot 2011.8.23.4634 2011.08.23 Trojan.Win32.Jorik.395776
VirusBuster 14.0.181.1 2011.08.22 Trojan.Kryptik!zlrXKUQkCwc
Additional information
MD5 : 5ef192cf7205299ddb3dd81695036b11
SHA1 : 25df0b88d43e3679d9b596677901f4cfe3fa7b30
File size : 315904 bytes
publisher….: PowerQuest Corporation
copyright….: Copyright (c) 1994-2001 PowerQuest Corp.
product……: PTEdit for Windows
description..: Partition Table Editor for Windows
original name: ptedit32.exe
internal name: PTEDIT32.EXE
file version.: 1.1.0.0
_______________
File name:
RPSVRMTEABNPQN.EXE.Muestra EliStartPage v23.69
Submission date:
2011-08-23 08:25:00 (UTC)
Current status:
finished
Result:
35 /44 (79.5%)
VT Community
malware
Safety score: 0.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.08.23.00 2011.08.23 Trojan/Win32.Jorik
AntiVir 7.11.13.184 2011.08.23 TR/FakeSysdef.A.1209
Antiy-AVL 2.0.3.7 2011.08.23 Trojan/Win32.Jorik.gen
Avast 4.8.1351.0 2011.08.22 Win32:Kryptik-ECG [Trj]
Avast5 5.0.677.0 2011.08.22 Win32:Kryptik-ECG [Trj]
AVG 10.0.0.1190 2011.08.23 Generic24.FQG
BitDefender 7.2 2011.08.23 Trojan.Generic.KD.310187
ByteHero 1.0.0.1 2011.08.22 Trojan.Win32.Heur.Gen
CAT-QuickHeal 11.00 2011.08.23 –
ClamAV 0.97.0.0 2011.08.23 –
Commtouch 5.3.2.6 2011.08.23 –
Comodo 9842 2011.08.23 UnclassifiedMalware
DrWeb 5.0.2.03300 2011.08.23 Trojan.Fakealert.23300
Emsisoft 5.1.0.10 2011.08.23 Trojan.Win32.Jorik!IK
eSafe 7.0.17.0 2011.08.22 –
eTrust-Vet 36.1.8515 2011.08.22 –
F-Prot 4.6.2.117 2011.08.22 –
F-Secure 9.0.16440.0 2011.08.23 Trojan.Generic.KD.310187
Fortinet 4.2.257.0 2011.08.23 W32/Jorik.FR!tr
GData 22 2011.08.23 Trojan.Generic.KD.310187
Ikarus T3.1.1.107.0 2011.08.23 Trojan.Win32.Jorik
Jiangmin 13.0.900 2011.08.22 Trojan/Jorik.joy
K7AntiVirus 9.110.5042 2011.08.22 –
Kaspersky 9.0.0.837 2011.08.23 Trojan.Win32.Jorik.Fraud.ake
McAfee 5.400.0.1158 2011.08.23 FakeAlert-SysDef.b
McAfee-GW-Edition 2010.1D 2011.08.22 FakeAlert-SysDef.b
Microsoft 1.7604 2011.08.23 Trojan:Win32/FakeSysdef
NOD32 6401 2011.08.23 a variant of Win32/Kryptik.RGR
Norman 6.07.10 2011.08.22 –
nProtect 2011-08-23.01 2011.08.23 Gen:Variant.Kazy.33003
Panda 10.0.3.5 2011.08.22 Trj/Genetic.gen
PCTools 8.0.0.5 2011.08.23 Trojan.FakeAV!rem
Prevx 3.0 2011.08.23 –
Rising 23.71.03.03 2011.08.18 Trojan.Win32.Generic.128D2A2B
Sophos 4.68.0 2011.08.23 Mal/FakeAV-LS
SUPERAntiSpyware 4.40.0.1006 2011.08.23 Trojan.Agent/Gen-FraudSoft
Symantec 20111.2.0.82 2011.08.23 Trojan.FakeAV
TheHacker 6.7.0.1.282 2011.08.22 Trojan/Jorik.Fraud.ake
TrendMicro 9.500.0.1008 2011.08.17 TROJ_GEN.F43C1HB
TrendMicro-HouseCall 9.500.0.1008 2011.08.23 TROJ_GEN.F43C1HB
VBA32 3.12.16.4 2011.08.23 Trojan.Jorik.Fraud.ake
VIPRE 10247 2011.08.23 Trojan.Win32.Generic.pak!cobra
ViRobot 2011.8.23.4634 2011.08.23 Trojan.Win32.Jorik.395776
VirusBuster 14.0.181.1 2011.08.22 Trojan.FakeSysdef!VleyDxyWL1w
Additional information
MD5 : 4fd4254eef1958867c441aca4c9067b9
SHA1 : 511c6c6acd1fa94c4ec24cd073b53e9755289e51
File size : 395264 bytes
publisher….: PowerQuest Corporation
copyright….: Copyright (c) 1994-2001 PowerQuest Corp.
product……: PTEdit for Windows
description..: Partition Table Editor for Windows
original name: ptedit32.exe
internal name: PTEDIT32.EXE
file version.: 1.1.0.0
__________
Dicha version del ELISTARA 23.73 que los detecta y elimina, estará disponible en nuestra web a partir de las 19 h CEST de hoy
saludos
ms, 25-8-2011
NOTA: Los interesados en información sobre contrato de soporte Asistencia Tecnica de SATINFO y/o licencia de uso/actualizaciones de sus utilidades, contacten con info@satinfo.es
__________
Este blog no se hace responsable de las opiniones y comentarios de los textos en los que se cita la Fuente, ofreciendo su contenido solo para facilitar el acceso a la información del mismo.
Puedes seguir cualquier respuesta a esta entrada mediante el canal RSS 2.0. Los comentarios y los pings están cerrados.
Siguenos
en facebook
Los comentarios están cerrados.