I have a file that was caught by Boclean. Nod32, A-squared, etc., scans clean.
FARBRAU MALWARE STOPPED by BOCLEAN!
Trojan horse was found in memory.
I did a search and didn’t find any info. Help greatly appreciated.
Greetings!
What was the path of the file that BOClean found?
Also, upload it on <a href="http://www.virustotal.com>VirusTotal and see if it’s identified by an antivirus.
Cheers,
Ragwing
Thanks so much for the reply. The file (skidrow.exe) was included in a game download for kids. Here are the results from virustotal.com.
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - HEUR/Crypted
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - Packer.Krunchy.B
CAT-QuickHeal - - (Suspicious) - DNAScan
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - Suspicious file
Rising - - Trojan.Win32.Agent.vyl
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - Packed/FRBR
Webwasher-Gateway - - Heuristic.Crypted
I’m not 100%, but it might be a false positive, since Rising is the only one that actually detects it as a trojan(the other ones flag it as suspicious).
If you attach it in a PM(or upload on RapidShare if it’s too big) and send it to me, I’ll take a look at if your you and see if I find anything.
Cheers,
Ragwing