Why compound scanning is important..

Doing some housecleaning, and going through a whole bunch of malware files with the new scanner (as you do..)

This one brings a smile.. TrojanHunter now includes SFX detection among other things in the 5.0 beta, here’s an “installer”…

Found trojan file: C:\TESTING\2005107\2005107.exe/3721.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad1.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad2.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad3.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad4.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad5.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad6.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/ad7.exe (TrojanClicker.VB.166)
Found adware file: C:\TESTING\2005107\2005107.exe/bind_8432.exe (Adware.AdHelper.107)
Found adware file: C:\TESTING\2005107\2005107.exe/dmshell.dll/Upxlpbqnauj (Adware.Dm.100)
Found trojan file: C:\TESTING\2005107\2005107.exe/s45337.exe (Agent.629)
Found adware file: C:\TESTING\2005107\2005107.exe/setup_110013.exe (Adware.WSearch.121)
Found trojan file: C:\TESTING\2005107\2005107.exe/system.exe (TrojanClicker.VB.167)
Found trojan file: C:\TESTING\2005107\2005107.exe/system2.exe (TrojanClicker.VB.167)
Found trojan file: C:\TESTING\2005107\2005107.exe/system3.exe (TrojanClicker.VB.167)
Found adware file: C:\TESTING\2005107\2005107.exe/WIS174.exe (Adware.AllSum.105)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/3721.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad1.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad2.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad3.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad4.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad5.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad6.exe (TrojanClicker.VB.166)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/ad7.exe (TrojanClicker.VB.166)
Found adware file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/bind_8432.exe (Adware.AdHelper.107)
Found adware file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/dmshell.dll/Upxtgyxoryw (Adware.Dm.100)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/s45337.exe (Agent.629)
Found adware file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/setup_110013.exe (Adware.WSearch.121)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/system.exe (TrojanClicker.VB.167)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/system2.exe (TrojanClicker.VB.167)
Found trojan file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/system3.exe (TrojanClicker.VB.167)
Found adware file: C:\TESTING\2005107\2005107.exe/Upxeeorvkdi/WIS174.exe (Adware.AllSum.105)

We detect supsicious droppers too, simply because a normal SFX should be well, normal. Lets just say I wouldn’t want to execute the above on MY system…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s