winPenPack - The Portable Software Collection : Forum / topic
http://www.winpenpack.com/
2024-03-19T07:13:23+01:00
-
Possible virus in X-Mule
http://www.winpenpack.com/en/e107_plugins/forum/forum_viewtopic.php?24424
Since a scan with ClamAV reported the presence of a Trojan, I decided to have the file scanned on Virus Total. The file in question is X-Mule, which should be the X-launcher. Now I'm a bit reluctant to run it. Can anyone tell me more about this?? Thanks, and congratulations on this wonderful project!!

These are the Virus Total results.

Antivirus | Version | Last update | Result
AhnLab-V3 | 2008.8.29.0 | 2008.08.29 | -
AntiVir | 7.8.1.23 | 2008.08.31 | -
Authentium | 5.1.0.4 | 2008.08.30 | -
Avast | 4.8.1195.0 | 2008.08.30 | -
AVG | 8.0.0.161 | 2008.08.30 | -
BitDefender | 7.2 | 2008.08.31 | -
CAT-QuickHeal | 9.50 | 2008.08.29 | I-Worm.Sohanad.e
ClamAV | 0.93.1 | 2008.08.31 | Trojan.Qhost-166
DrWeb | 4.44.0.09170 | 2008.08.31 | -
eSafe | 7.0.17.0 | 2008.08.28 | -
eTrust-Vet | 31.6.6057 | 2008.08.29 | -
Ewido | 4.0 | 2008.08.31 | -
F-Prot | 4.4.4.56 | 2008.08.30 | -
Fortinet | 3.14.0.0 | 2008.08.31 | PossibleThreat
GData | 19 | 2008.08.31 | -
Ikarus | T3.1.1.34.0 | 2008.08.31 | -
K7AntiVirus | 7.10.433 | 2008.08.30 | -
Kaspersky | 7.0.0.125 | 2008.08.31 | -
McAfee | 5373 | 2008.08.29 | -
Microsoft | 1.3807 | 2008.08.25 | -
NOD32v2 | 3401 | 2008.08.30 | -
Norman | 5.80.02 | 2008.08.29 | -
Panda | 9.0.0.4 | 2008.08.31 | -
PCTools | 4.4.2.0 | 2008.08.31 | -
Prevx1 | V2 | 2008.08.31 | -
Rising | 20.59.61.00 | 2008.08.31 | -
Sophos | 4.33.0 | 2008.08.31 | -
Sunbelt | 3.1.1592.1 | 2008.08.30 | -
Symantec | 10 | 2008.08.31 | -
TheHacker | 6.3.0.6.068 | 2008.08.30 | -
TrendMicro | 8.700.0.1004 | 2008.08.31 | -
VBA32 | 3.12.8.4 | 2008.08.30 | -
ViRobot | 2008.8.30.1357 | 2008.08.30 | -
VirusBuster | 4.5.11.0 | 2008.08.31 | -
Webwasher-Gateway | 6.6.2 | 2008.08.31 | -

Additional information
File size: 574077 bytes
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
-
Re: Possible virus in X-Mule
Danix
Welcome to winPenPack.
"Can anyone tell me more about this??"
As it happens: -Link-
-
Re: Possible virus in X-Mule
MaxBad62
Thanks Danix!!! So I take it I can use it safely then?!?
-
Re: Possible virus in X-Mule
Danix
Problem solved with ClamWin (see homepage).
"after running a scan with ClamAV"
ClamAV or ClamWin?
-
Re: Possible virus in X-Mule
MaxBad62
Thanks a million Danix. Great work!! Don't you guys ever rest?? Anyway, I had already decided to trust it, since the percentage of antivirus engines that recognised a possible infection was so small. Sorry Danix, it was ClamWin!