Path: news.nzbot.com!news.astraweb.com!border6.newsrouter.astraweb.com!news.astraweb.com!border5.newsrouter.astraweb.com!newspeer1.nac.net!border4.nntp.dca.giganews.com!backlog4.nntp.dca3.giganews.com!Xl.tags.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!local2.nntp.dca.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Mon, 21 Apr 2014 23:40:52 -0500
From: Troj-On
Newsgroups: alt.binaries.sounds.utilities
Subject: Amplitude 3 virus nerve
Date: Tue, 22 Apr 2014 00:41:18 -0400
Message-ID: <pjrbl95ragjplmhcceodlhra8o12vgpkfe@4ax.com>
References: <VGa5v.100806$cz2.8229@fx08.iad>
User-Agent: ForteAgent/7.10.32.1214 trialware
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 42
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-iVh86j99iazqo18VlHmYqcT7qY8ps3j65EZZE9i3qIwEp19zLvQtOz7m3/Uk/zMmsEZ9DH4S8V2mcEn!5ITthjAYrmJfeeVzJmja5qcdtlD1qvuxGODYBzh403Qz3rcq0F8adeBgzfzzpX+cPhLyayA5
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2554
Xref: news.nzbot.com alt.binaries.sounds.utilities:12
>This is definitely not a false positive. Those are quite common but this one is a trojan. The keygen is modifying the registry and adding files.
>
> skip this turd.
>
--have not time to SandBoxie it - - - thanks.
--And too the famous LUHE (as named by AVG)
VirusTOTAL.COM
Six virus routines found a virus -----
Twenty one routines found no virus at all........
-------------------------------------------------------------------- ain't life fun !!!
NERVE_KEYGEN.exe
AVG says --------------------------- Luhe.FIHA.A --------------- AVG seems to find this in a whole lotta stuff !
SCAN of NERVE_KEYGEN.exe
--------------------------VIRUStotal.COM------------------
SHA256: 81ad8daf242ba4a563a39889048a169a8ae3bd5c1a2ca4b352524d233ba7e667
File name: Nerve_KeyGen.exe
Detection ratio: 6 / 51
Analysis date: 2014-04-16 16:14:01 UTC ( 4 days, 9 hours ago )
Antivirus       Result                    Update
AVG             Luhe.Fiha.A               20140416
Commtouch       W32/Backdoor.GTUS-1091    20140416
F-Prot          W32/Backdoor2.HTYF        20140416
K7AntiVirus     Backdoor ( 356c8e300 )    20140416
TrendMicro      PAK_Generic.005           20140416
TrendMicro-Hou  PAK_Generic.005           20140416
------------Six virus packages detected a virus of various names in NERVE_KEYGEN.exe
Ad-Aware, AegisLab, Agnitum, AhnLab-V3 and 16 other virus softwares did not identify a virus in NERVE_KEYGEN.exe at all.