what is this???

Ze Muffinman · 10-08-2006, 06:24 PM

What the hell, download it. The pictures may be porno, and everyone
loves porno! Even for a few viruses.
David H. Lipman wrote:
> From: "Beauregard T. Shagnasty" <a.nony.mous@example.invalid>
>
> | David H. Lipman wrote:
> |
> >> Avast 4.7.892.0/20061008 found [Win32:Agent-BNP]
> |
> | I downloaded the original link Nutpants posted (photo311.jpg) and Avast
> | wouldn't let me, says, as you found, it is:
> | Win32:Agent-BNP [Trj]
> |
> >> CAT-QuickHeal 8.00/20061007 found [(Suspicious) - DNAScan]
> |
> | Amusing that only Avast! and this CAT-Quickheal recognize it. <g>
> |
>
> It is a new variant of Licat.
> I say this because of the past files used in the BOTnet and the packers noted...
>
> packers: ASProtect
> packers: Aspack
>
> Example from a previous IRC-less BOTnet site...
>
> Complete scanning result of "photo211.pif", processed in VirusTotal at 10/09/2006 01:09:16
> (CET).
>
> [ file data ]
> * name: photo211.pif
> * size: 138752
> * md5.: e1c08eb679817fa4c0a15b9e9c217e88
> * sha1: abdcdce2450812213fcd7f61e842a6fdba0f3971
>
> [ scan result ]
> AntiVir 7.2.0.25/20061008 found [BDS/Licat.A]
> Authentium 4.93.8/20061006 found nothing
> Avast 4.7.892.0/20061008 found [Win32:Agent-BNP]
> AVG 386/20061007 found nothing
> BitDefender 7.2/20061008 found [Backdoor.Licat.A]
> CAT-QuickHeal 8.00/20061007 found [(Suspicious) - DNAScan]
> ClamAV devel-20060426/20061008 found nothing
> DrWeb 4.33/20061008 found [Trojan.DownLoader.13876]
> eTrust-InoculateIT 23.73.16/20061007 found nothing
> eTrust-Vet 30.3.3118/20061006 found [Win32/Licat.G]
> Ewido 4.0/20061008 found [Backdoor.MSNMaker.z]
> F-Prot 3.16f/20061006 found nothing
> F-Prot4 4.2.1.29/20061006 found nothing
> Fortinet 2.82.0.0/20061008 found [W32/Dloader.AB!tr]
> Ikarus 0.2.65.0/20061007 found nothing
> Kaspersky 4.0.2.24/20061009 found [Backdoor.Win32.MSNMaker.z]
> McAfee 4868/20061006 found nothing
> Microsoft 1.1603/20061009 found nothing
> NOD32v2 1.1794/20061006 found nothing
> Norman 5.80.02/20061006 found nothing
> Panda 9.0.0.4/20061008 found [Suspicious file]
> Sophos 4.10.0/20061005 found nothing
> TheHacker 6.0.1.094/20061008 found [Backdoor/MSNMaker.z]
> UNA 1.83/20061006 found nothing
> VBA32 3.11.1/20061008 found nothing
> VirusBuster 4.3.7:9/20061008 found nothing
>
> [ notes ]
> packers: ASProtect
> packers: Aspack
>
>
>
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm

Thread: what is this???

Thread Tools

Display

Threaded View

Re: what is this???

Thread Information

Users Browsing this Thread

Posting Permissions