Malwarebytes

ExpertAntiVirus


6 replies to this topic

#1
fredvries

    Elite Member

  • Experts
  • 721 posts
  • Gender:Male
  • Location:Harlingen - The Netherlands
ExpertAntiVirus (expertantivirus.com)
    [•]www.pdd-nos.nl
    [•]www.pdd-nos.be
    [•]www.pdd-nos.com

#2
nosirrah

    Forum Deity

  • Administrators
  • 5,399 posts
  • Location:Northampton, MA USA

fredvries, on Apr 29 2007, 04:11 AM, said:

ExpertAntiVirus (expertantivirus.com)

I did a totaluninstall monitor and it does drop the very malware the scan detects.

VirusTotal scans are on the way.
Bruce Harrison
Vice President of Research


#3
nosirrah

    Forum Deity

  • Administrators
  • 5,399 posts
  • Location:Northampton, MA USA
The dropped files (detected as malware by ExpertAntiVirus) scan clean. This is a common tactic used by rogues to prevent other legit scanners from detecting the scam.

ExpertAntiVirus itself, on the other hand:

STATUS: FINISHED
Complete scanning result of "ExpertAntivirus.EXE", received in VirusTotal at 04.29.2007, 16:11:26 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.4.28.0 04.27.2007 no virus found
AntiVir 7.4.0.15 04.28.2007 no virus found
Authentium 4.93.8 04.27.2007 no virus found
Avast 4.7.981.0 04.26.2007 Win32:Mailbot-N
AVG 7.5.0.467 04.29.2007 no virus found
BitDefender 7.2 04.29.2007 no virus found
CAT-QuickHeal 9.00 04.28.2007 no virus found
ClamAV devel-20070416 04.29.2007 no virus found
DrWeb 4.33 04.29.2007 no virus found
eSafe 7.0.15.0 04.29.2007 no virus found
eTrust-Vet 30.7.3601 04.27.2007 no virus found
Ewido 4.0 04.29.2007 no virus found
FileAdvisor 1 04.29.2007 no virus found
Fortinet 2.85.0.0 04.29.2007 no virus found
F-Prot 4.3.2.48 04.27.2007 no virus found
F-Secure 6.70.13030.0 04.28.2007 no virus found
Kaspersky 4.0.2.24 04.29.2007 no virus found
McAfee 5019 04.27.2007 no virus found
Microsoft 1.2405 04.29.2007 no virus found
NOD32v2 2227 04.29.2007 no virus found
Norman 5.80.02 04.27.2007 no virus found
Panda 9.0.0.4 04.29.2007 Suspicious file
Prevx1 V2 04.29.2007 no virus found
Sophos 4.17.0 04.28.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
Symantec 10 04.29.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.29.2007 no virus found
VirusBuster 4.3.7:9 04.28.2007 no virus found
Webwasher-Gateway 6.0.1 04.29.2007 Riskware.Fake.SpywareAxe

Aditional Information
File size: 1753088 bytes
MD5: 45980d7a75c139ae2b537e303f0d0f69
SHA1: ecf8c3a1548d9b5894a8115c13d6d0ba430ae676
packers: Armadillo

ExpertAntiVirus is also detected by AntiVir as spyaxe when heuristics are turned all the way up.

RogueRemover currently detects much of ExpertAntiVirus's registry entries as Ad-Protect but misses all of the file components.

I vote for listing ExpertAntiVirus as rogue with a threat level of high.
Bruce Harrison
Vice President of Research
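
As an added example (not part of the original posts), the VirusTotal text report pasted in post #3 can be parsed to list which engines flagged the file and which "no virus found" verdicts came from engines whose signatures were already old at scan time. The function names and the 7-day staleness threshold are assumptions; the sample rows are an excerpt of the report above.

```python
import re
from datetime import date

# Excerpt of the report pasted in post #3 (legacy VirusTotal text layout).
REPORT = """\
Antivirus Version Update Result
Avast 4.7.981.0 04.26.2007 Win32:Mailbot-N
AVG 7.5.0.467 04.29.2007 no virus found
ClamAV devel-20070416 04.29.2007 no virus found
Panda 9.0.0.4 04.29.2007 Suspicious file
Prevx1 V2 04.29.2007 no virus found
Sunbelt 2.2.907.0 04.19.2007 no virus found
TheHacker 6.1.6.095 04.15.2007 no virus found
Webwasher-Gateway 6.0.1 04.29.2007 Riskware.Fake.SpywareAxe
"""
SCAN_DATE = date(2007, 4, 29)  # "received in VirusTotal at 04.29.2007"
CLEAN = "no virus found"

# engine, version, signature date (MM.DD.YYYY), then the verdict text.
ROW = re.compile(r"^(\S+)\s+(\S+)\s+(\d{2})\.(\d{2})\.(\d{4})\s+(.+?)\s*$")


def parse_report(text):
    """Return one dict per engine row; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        engine, version, mm, dd, yyyy, result = m.groups()
        rows.append({"engine": engine, "version": version,
                     "updated": date(int(yyyy), int(mm), int(dd)),
                     "result": result})
    return rows


def summarize(rows, scan_date, max_age_days=7):
    """Split verdicts into detections and clean results from stale signatures.

    max_age_days is an assumed threshold, not something the report defines.
    """
    detections = {r["engine"]: r["result"] for r in rows
                  if r["result"].lower() != CLEAN}
    stale_clean = sorted(r["engine"] for r in rows
                         if r["result"].lower() == CLEAN
                         and (scan_date - r["updated"]).days > max_age_days)
    return {"total": len(rows), "detections": detections,
            "stale_clean": stale_clean}


if __name__ == "__main__":
    print(summarize(parse_report(REPORT), SCAN_DATE))
```

A clean verdict from an engine listed under `stale_clean` says less about the sample than one from an engine updated on the day of the scan.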


#4
RubbeR DuckY

    Marcin

  • Root Admin
  • 4,092 posts
  • Gender:Male
High level it is ;)
Marcin Kleczynski
Chief Executive Officer


#5
SwampDiner

    True Member

  • Experts
  • 419 posts
  • Location:The Internets
Added 127

#6
Hardhead

    Elite Member

  • Experts
  • 806 posts
  • Location:Blue Ridge, Va.
http://www.symantec.com/enterprise/securit...-050111-3914-99



#7
fredvries

    Elite Member

  • Experts
  • 721 posts
  • Gender:Male
  • Location:Harlingen - The Netherlands
Yup, even Symantec is now monitoring our forum. ;)
    [•]www.pdd-nos.nl
    [•]www.pdd-nos.be
    [•]www.pdd-nos.com




