Joined today, single post saying nothing but keygen and a link, based in Croatia unless they are using a proxy, which is possible. It's a keylogger more than likely, but to make it positive here are the scan results.
ardamax = keylogger
File keygen.rar received on 03.22.2008 19:39:30 (CET)
Current status: finished
Result: 3/32 (9.38%)
Antivirus Version Last Update Result
AhnLab-V3 2008.3.22.1 2008.03.21 -
AntiVir 7.6.0.75 2008.03.22 -
Authentium 4.93.8 2008.03.22 -
Avast 4.7.1098.0 2008.03.22 Win32:Ardamax-CI
AVG 7.5.0.516 2008.03.22 -
BitDefender 7.2 2008.03.22 -
CAT-QuickHeal 9.50 2008.03.21 -
ClamAV 0.92.1 2008.03.22 -
DrWeb 4.44.0.09170 2008.03.22 -
eSafe 7.0.15.0 2008.03.18 -
eTrust-Vet 31.3.5633 2008.03.21 -
Ewido 4.0 2008.03.22 -
F-Prot 4.4.2.54 2008.03.22 -
F-Secure 6.70.13260.0 2008.03.21 -
FileAdvisor 1 2008.03.22 -
Fortinet 3.14.0.0 2008.03.21 -
Ikarus T3.1.1.20 2008.03.22 -
Kaspersky 7.0.0.125 2008.03.22 not-a-virus:Monitor.Win32.Ardamax.as
McAfee 5257 2008.03.21 -
Microsoft 1.3301 2008.03.22 -
NOD32v2 2967 2008.03.21 -
Norman 5.80.02 2008.03.20 -
Panda 9.0.0.4 2008.03.22 -
Prevx1 V2 2008.03.22 -
Rising 20.36.42.00 2008.03.21 -
Sophos 4.27.0 2008.03.22 Sus/Behav-1018
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.03.22 -
TheHacker 6.2.92.250 2008.03.19 -
VBA32 3.12.6.3 2008.03.21 -
VirusBuster 4.3.26:9 2008.03.22 -
Webwasher-Gateway 6.6.2 2008.03.22 -
Additional information
File size: 1345586 bytes
MD5: ffbb7beacd721924032967ade0ddbe90
SHA1: ce9740d236e9c0b52f6c8bb220432600c3eaac61
PEiD: -
File: keygen.rar
Status:
INFECTED/MALWARE
MD5: ffbb7beacd721924032967ade0ddbe90
Packers detected:
-
Bit9 reports: File not found
Scanner results
Scan taken on 22 Mar 2008 18:44:32 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found Program.Ardamax
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found not-a-virus:Monitor.Win32.Ardamax.as (6, 2, 604), not-a-virus:Monitor.Win32.Ardamax.o (6, 2, 604), not-a-virus:Monitor.Win32.Ardamax.bf (6, 2, 604)
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found not-a-virus:Monitor.Win32.Ardamax.as, not-a-virus:Monitor.Win32.Ardamax.o, not-a-virus:Monitor.Win32.Ardamax.bf
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found Sus/Behav-1018, Sus/Keygen-A (probable variant)
VirusBuster
Found nothing
VBA32
Found nothing
To anyone who downloaded this: best to check your system and change your password on a clean computer if you logged in, or prepare for a stolen account.