Guest goodjohn1984
Posted July 27, 2010

This is probably either a false positive or malware.

aresregular216_installer.exe (It won't let me upload it here, but you can get the file at):
http://sourceforge.net/projects/aresgalaxy/files/aresgalaxy/AresRegular216_07102010/aresregular216_installer.exe/download

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

http://www.virustotal.com/analisis/313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3-1280246039
http://camas.comodo.com/cgi-bin/submit?file=0b9d879d39b18d53b41708a6dfbc381938017a58eccf1881ec2d4538512a6192
http://www.virscan.org/report/0b59d08a57269787762158334cc75727.html

Additional information

File size: 2512861 bytes
MD5...: abc9883331fea3b3a86c8b48bfd2cf66
SHA1..: 6dfccb55aebbaa61692ecdb6a50f2beaab2c21d2
SHA256: 313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3
ssdeep: 49152:bFXFWr31IaEEtlU/cjvjGnK3PH6LBvdKbLRlewau1dEHYqnEDk:ZXFWrKn 0XU9lKb1Duvak
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x3154
timedatestamp.....: 0x45d6f9b0 (Sat Feb 17 12:48:48 2007)
machinetype.......: 0x14c (I386)

( 5 sections )
name     viradd    virsiz    rawdsiz   ntrpy   md5
.text    0x1000    0x5be6    0x5c00    6.48    da404f02cd489060cb5c42f1f07f0c92
.rdata   0x7000    0x1218    0x1400    4.94    51e05dceb9e2610ceb6b405a26eab2f8
.data    0x9000    0x264f4   0x400     5.20    44054c0627a3ea1c6dce75d9998638c8
.ndata   0x30000   0x9000    0x0       0.00    d41d8cd98f00b204e9800998ecf8427e
.rsrc    0x39000   0x76c8    0x7800    5.61    5be6d87ddc2e71a76d90a61a0d42d1fe

( 8 imports )
( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
        Win32 Executable Generic (14.7%)
        Win32 Dynamic Link Library (generic) (13.1%)
        Generic Win/DOS Executable (3.4%)
        DOS Executable Generic (3.4%)
packers (Kaspersky): Swf2Swc, ASPack, ASPack, ASPack, UPX, ASPack
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): NSIS, UTF-8, Aspack, UPX

Guest orlando
Posted July 27, 2010

The file is clean. It is also a reliable company. Unquestionably clean. The total virus detections are false positives.

Orlando

Guest goodjohn1984
Posted July 27, 2010

> The file is clean. It is also a reliable company. Unquestionably clean. The total virus detections are false positives.
> Orlando

I thought so, thank you.