Virus at xtrap folder :s

spyrex · 06-12-2007, 10:20 AM

Complete scanning result of "XTrap_2_.zip", received in VirusTotal at 06.12.2007, 15:56:20 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.5.9.0 05.09.2007 no virus found
AntiVir 7.4.0.32 06.12.2007 no virus found
Authentium 4.93.8 06.12.2007 no virus found
Avast 4.7.997.0 06.12.2007 no virus found
AVG 7.5.0.467 05.08.2007 no virus found
BitDefender 7.2 06.12.2007 no virus found
CAT-QuickHeal 9.00 06.12.2007 (Suspicious) - DNAScan
ClamAV devel-20070416 05.09.2007 no virus found
DrWeb 4.33 06.12.2007 no virus found
eSafe 7.0.15.0 05.08.2007 no virus found
eTrust-Vet 30.7.3713 06.12.2007 no virus found
FileAdvisor 1 06.12.2007 no virus found
Fortinet 2.85.0.0 06.12.2007 no virus found
F-Prot 4.3.2.48 05.08.2007 no virus found
F-Secure 6.70.13030.0 05.09.2007 no virus found
Ikarus T3.1.1.7 05.09.2007 no virus found
Kaspersky 4.0.2.24 06.12.2007 no virus found
McAfee 5050 06.11.2007 no virus found
Microsoft 1.2503 06.12.2007 no virus found
NOD32v2 2325 06.12.2007 no virus found
Norman 5.80.02 06.12.2007 no virus found
Panda 9.0.0.4 06.12.2007 Suspicious file
Prevx1 V2 06.12.2007 no virus found
Sophos 4.18.0 06.12.2007 no virus found
Sunbelt 2.2.907.0 05.05.2007 VIPRE.Suspicious
Symantec 10 05.09.2007 no virus found
TheHacker 6.1.6.132 06.11.2007 no virus found
VBA32 3.12.0.1 06.11.2007 Trojan-Spy.Win32.Ardamax.i
VirusBuster 4.3.23:9 06.11.2007 no virus found
Webwasher-Gateway 6.0.1 05.09.2007 Win32.Malware.gen (suspicious)

Aditional Information
File size: 764480 bytes
MD5: 65cee67368b248b6cb10e5bc89374c86
SHA1: b05d0ffeda2e7597e0a551eb04a4f3e03cd18f59
packers: PE_Patch, Aspack
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

any one got it on his xtrap folder too?
i download from officel ko forum that ( what the gm posted )

looked at some sites about it found that :
Details
Malware name Ardamax.I {WIN32 MONITOR APPLICATION}
First reported on September 2005
Origin Unknown
Target Win32
Target description Windows 32-bit. Windows '9x, ME, NT, 2000 and XP
Platform Windows
Type not-a-virus:Monitor
Type description Legal utilities which monitor computer and user activity.

Aliases
Kaspersky not-a-virus:Monitor.Win32.Ardamax.i
McAfee application Keylog-Ardamax.dll
Dr.Web Trojan.KeyLogger.19

Last change 1 November 2005
Last change by GJV

spyrex · 06-12-2007, 10:21 AM

also , can any one up his xtrap folder and check if he had that too?
http://www.virustotal.com
and if i didnt open the files just unrar them... it can effect?

Cadence96 · 06-12-2007, 10:26 AM

Did someone give you that zip?

spyrex · 06-12-2007, 10:28 AM

i got it from officel ko forum posted by gm
http://forum.knightonlineworld.com/forum_e...howtopic=122770

so i wanne somone check is folder and .rar it and check if he had that too

spyrex · 06-12-2007, 10:36 AM

humm any one?

SokoBo4 · 06-12-2007, 10:47 AM

hmm oO yeah i got it too

spyrex · 06-12-2007, 10:52 AM

oO
any one have it too?

**Dark3lf** · 06-12-2007, 10:54 AM

3 / 31 isn't that bad.. I doubt they're harmful.

spyrex · 06-12-2007, 10:55 AM

at sokobo files it 5/31
but look at what i found google..

spyrex · 06-12-2007, 12:31 PM

Speed · 06-12-2007, 03:05 PM

i get the same results , file was downloaded from launcher....

and funny about that "ardamax" file... i remember theres a company or something called like that wich makes a keylogger and monitoring programs lol...

**Conin** · 06-12-2007, 03:14 PM

i get the same results , file was downloaded from launcher....

and funny about that "ardamax" file... i remember theres a company or something called like that wich makes a keylogger and monitoring programs lol...[/b]

http://www.ardamax.com/keylogger/