
Infected with (MSIL!IK)



#1 Mag1c


Posted 14 September 2009 - 10:45 AM

Hey, BleepingComputer

I had a file received from a friend. I scanned it with virustotal.com and nothing came up. I scanned it a week later, and this is the report.

Note: I ran the file and I am infected.


Here is the scan report.


http://www.virustotal.com/analisis/268a849...6c43-1252942538
File asdasdacryp.exe received on 2009.09.14 15:35:38 (UTC)

Antivirus           Version          Last Update   Result
a-squared           4.5.0.24         2009.09.14    Trojan-Dropper.MSIL!IK
AhnLab-V3           5.0.0.2          2009.09.14    -
AntiVir             7.9.1.14         2009.09.14    -
Antiy-AVL           2.0.3.7          2009.09.14    -
Authentium          5.1.2.4          2009.09.14    -
Avast               4.8.1351.0       2009.09.14    -
AVG                 8.5.0.412        2009.09.14    -
BitDefender         7.2              2009.09.14    -
CAT-QuickHeal       10.00            2009.09.14    -
ClamAV              0.94.1           2009.09.14    -
Comodo              2316             2009.09.14    -
DrWeb               5.0.0.12182      2009.09.14    -
eSafe               7.0.17.0         2009.09.14    -
eTrust-Vet          31.6.6736        2009.09.14    -
F-Prot              4.5.1.85         2009.09.14    -
F-Secure            8.0.14470.0      2009.09.13    -
Fortinet            3.120.0.0        2009.09.14    -
GData               19               2009.09.14    -
Ikarus              T3.1.1.72.0      2009.09.14    Trojan-Dropper.MSIL
Jiangmin            11.0.800         2009.09.14    -
K7AntiVirus         7.10.844         2009.09.14    -
Kaspersky           7.0.0.125        2009.09.14    -
McAfee              5740             2009.09.13    -
McAfee+Artemis      5740             2009.09.13    -
McAfee-GW-Edition   6.8.5            2009.09.14    -
Microsoft           1.5005           2009.09.14    TrojanDropper:MSIL/Agent.A
NOD32               4424             2009.09.14    -
Norman              6.01.09          2009.09.14    -
nProtect            2009.1.8.0       2009.09.14    -
Panda               10.0.2.2         2009.09.13    -
PCTools             4.4.2.0          2009.09.14    -
Prevx               3.0              2009.09.14    -
Rising              21.47.04.00      2009.09.14    -
Sophos              4.45.0           2009.09.14    -
Sunbelt             3.2.1858.2       2009.09.13    -
Symantec            1.4.4.12         2009.09.14    -
TheHacker           6.3.4.4.402      2009.09.12    -
TrendMicro          8.950.0.1094     2009.09.14    -
VBA32               3.12.10.10       2009.09.13    -
ViRobot             2009.9.14.1934   2009.09.14    -
VirusBuster         4.6.5.0          2009.09.13    -

Additional information
File size: 212992 bytes
MD5...: 8e367f8f412554ce736510ff279e5383
SHA1..: f94415f58e908b7f3f96147ffe31962003f8294a
SHA256: 268a849f5b859fbe1b624e9d82d2df38a6665cd88ea94453135e4e88abed6c43
ssdeep: 3072:5pXbTNB1WDuJB8wZ4SraolOYLoO6cq6rRGBVnGupb0zaOjoIL:LbTNCcFao
AYLFzroBI8w7
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2df5e
timedatestamp.....: 0x49cee837 (Sun Mar 29 03:17:11 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name     viradd    virsiz    rawdsiz   ntrpy   md5
.text    0x2000    0x2bf64   0x2c000   4.62    dce2da9577a699b7071e57a8f51c7067
.rsrc    0x2e000   0x5bf8    0x6000    5.60    d0be18afc5d5c4b93994152b39ceca45
.reloc   0x34000   0xc       0x1000    0.02    933e841f4a47a2117e8a2adc4b5e8b08

( 1 imports )
> mscoree.dll: _CorExeMain

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic CIL Executable (.NET, Mono, etc.) (84.2%)
Win32 Dynamic Link Library (generic) (8.7%)
Win16/32 Executable Delphi generic (2.3%)
Generic Win/DOS Executable (2.3%)
DOS Executable Generic (2.2%)



I have unplugged my internet on my other computer. I also am scanning my computer with Malwarebytes, Super Antispyware, McAfee Antivirus. I need help removing this.



Thanks

Edit: Moved topic from HijackThis Logs and Virus/Trojan/Spyware/Malware Removal to the more appropriate forum due to the type of log included. ~ Animal
