Trojan.Win32.Agent.eak / direct3d.exe

[Malekal_morte]

variante de Trojan.Win32.Agent.dwd / services.exe / Naked

Message de propagation :

oh sen ciplak mi ?
oh du naked ? :o
jij weer naakt ? :o
tu es nue?
oh naked ?

Ajoute la ligne suivante sur HijackThis :

O4 - HKLM\..\Run: [DirectX9] C:\DOCUME~1\username\LOCALS~1\Temp\direct3d.exe

Scan du fichier :

Fichier direct3d.exe reçu le 2008.01.17 13:21:00 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 3/32 (9.38%)


Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.1.17.11 2008.01.17 -
AntiVir 7.6.0.48 2008.01.17 -
Authentium 4.93.8 2008.01.17 -
Avast 4.7.1098.0 2008.01.16 -
AVG 7.5.0.516 2008.01.16 -
BitDefender 7.2 2008.01.17 -
CAT-QuickHeal 9.00 2008.01.16 -
ClamAV 0.91.2 2008.01.17 -
DrWeb 4.44.0.09170 2008.01.17 -
eSafe 7.0.15.0 2008.01.16 -
eTrust-Vet 31.3.5465 2008.01.17 -
Ewido 4.0 2008.01.17 -
FileAdvisor 1 2008.01.17 -
Fortinet 3.14.0.0 2008.01.17 -
F-Prot 4.4.2.54 2008.01.16 -
F-Secure 6.70.13260.0 2008.01.17 -
Ikarus T3.1.1.20 2008.01.17 -
Kaspersky 7.0.0.125 2008.01.17 Heur.Invader
McAfee 5209 2008.01.16 -
Microsoft 1.3109 2008.01.17 Worm:Win32/Pakabot.gen
NOD32v2 2801 2008.01.17 -
Norman 5.80.02 2008.01.16 -
Panda 9.0.0.4 2008.01.17 Suspicious file
Prevx1 V2 2008.01.17 -
Rising 20.27.31.00 2008.01.17 -
Sophos 4.24.0 2008.01.17 -
Sunbelt 2.2.907.0 2008.01.17 -
Symantec 10 2008.01.17 -
TheHacker 6.2.9.189 2008.01.17 -
VBA32 3.12.2.5 2008.01.15 -
VirusBuster 4.3.26:9 2008.01.16 -
Webwasher-Gateway 6.0.1 2008.01.17 -
Information additionnelle
File size: 46000 bytes
MD5: 78ae0e3d13aa1cf86747e7deef02868b
SHA1: c135ab3d0f8ac2e924faed5045774d7d1c22629f
PEiD: Armadillo v1.71

[Malekal_morte]

Antivir :

The file 'direct3d.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Agent.46000. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

Dr.WEB :

Dear malekalmorte,

Your request has been analyzed. New virus record has been added.
Virus: BackDoor.IRC.Rigen.

Thank you for the cooperation.

--
Yours sincerely,
Virus Monitoring Service Doctor Web Ltd.

[Malekal_morte]

Kaspersky :

Hello,

direct3d.exe_ - Trojan.Win32.Agent.eak

New malicious software was found in this file. It's detection will be included
in the next update. Thank you for your help.