Backdoor.Win32.Rbot.hlr

[Malekal_morte]

Ajoute la ligne suivante sur HijackThis :

O23 - Service: Track Learning Management System (TTLMS) - Unknown owner - C:\WINDOWS\system32\ttlms.exe

Scan du fichier :

File setup.exe received on 02.09.2008 13:59:51 (CET)
Current status: finished
Result: 12/31 (38.71%)

Compact Compact
Print results Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.08 HEUR/Crypted
Authentium 4.93.8 2008.02.08 -
Avast 4.7.1098.0 2008.02.08 -
AVG 7.5.0.516 2008.02.08 -
BitDefender 7.2 2008.02.09 DeepScan:Generic.Sdbot.F0676A49
CAT-QuickHeal None 2008.02.08 Backdoor.SdBot.gen
ClamAV 0.92 2008.02.09 Trojan.Pakes-248
DrWeb 4.44.0.09170 2008.02.09 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5522 2008.02.08 -
Ewido 4.0 2008.02.08 -
FileAdvisor 1 2008.02.09 -
Fortinet 3.14.0.0 2008.02.09 -
F-Prot 4.4.2.54 2008.02.08 -
F-Secure 6.70.13260.0 2008.02.08 SDBot.gen9
Ikarus T3.1.1.20 2008.02.09 Generic.Sdbot
Kaspersky 7.0.0.125 2008.02.09 -
McAfee 5226 2008.02.08 -
Microsoft 1.3204 2008.02.09 -
NOD32v2 2861 2008.02.09 a variant of Win32/Packed.Themida
Norman 5.80.02 2008.02.08 SDBot.gen9
Panda 9.0.0.4 2008.02.09 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.09 Sus/ComPack
Sunbelt 2.2.907.0 2008.02.09 VIPRE.Suspicious
Symantec 10 2008.02.09 -
TheHacker 6.2.9.213 2008.02.09 -
VBA32 3.12.6.0 2008.02.09 -
VirusBuster 4.3.26:9 2008.02.08 Packed/Themida
Webwasher-Gateway 6.6.2 2008.02.09 Heuristic.Crypted
Additional information
File size: 542720 bytes
MD5: a9af5ba0d20cb46b09a9af351a844d63
SHA1: 30523dea0afd2f57e3432f07ef165584310a6397
PEiD: Themida/WinLicense V1.8.0.2 + -> Oreans Technologies
packers: Themida

[Malekal_morte]

Hello,

setup.exe_ - Backdoor.Win32.Rbot.hlr

New malicious software was found in this file. It's detection will be included
in the next update. Thank you for your help.

Please quote all when answering.