Vistumbler malware ?

Having a problem? Ask for help here.
Post Reply
dingoo
Newbie
Posts: 1
Joined: Thu May 08, 2008 7:50 am

Vistumbler malware ?

Post by dingoo » Thu May 08, 2008 7:53 am

Is Vistumbler realy a malicious programm ?
Look at this link : http://www.prevx.com/filenames/X2960401 ... R.EXE.html
Thanks to all how me can inform about this.
Dingoo

User avatar
ACalcutt
Vistumbler / TechIdiots Admin
Vistumbler / TechIdiots Admin
Posts: 1158
Joined: Sun Oct 21, 2007 6:50 pm
Location: Rutland, MA
Contact:

Re: Vistumbler malware ?

Post by ACalcutt » Thu May 08, 2008 8:28 am

No, you can view the souce code that is included if you want to check(Vistumbler.au3). You can also compile from the source code if you have the proper version of autoit.

it does execute a process...netsh.exe is what it executes to get wireless information
it is compiled...if thats what it means by packed...but that is so it is in EXE form instead of AU3 (source code)
it does not write to another programs memory
I have never tried to add vendor information, product, or version into the header (I'm not even sure how to do that), so that is correct

-Andrew

leadyoxy
Newbie
Posts: 1
Joined: Mon May 16, 2011 8:30 pm

Re: Vistumbler malware ?

Post by leadyoxy » Wed May 18, 2011 12:14 am

My Avira keeps saying its found a harmful malware on my pc but it wont remove it.Can anyone help? Lately ive been getting these pop up things from avira saying its found a harmfull malware on my pc, well I click remove and i keep getting them. Ive even tried Malware bytes antimalware and it didnt find a single trace. Does anyone know of any good anti-malware programs that might to the trick?
________________________
yahoo keyword tool ~ overture ~ traffic estimator ~ adwords traffic estimator

User avatar
ACalcutt
Vistumbler / TechIdiots Admin
Vistumbler / TechIdiots Admin
Posts: 1158
Joined: Sun Oct 21, 2007 6:50 pm
Location: Rutland, MA
Contact:

Re: Vistumbler malware ?

Post by ACalcutt » Wed May 18, 2011 3:08 am

Which file is it saying is a virus. Is the Digital Signature still on the file?(right click on the file and go to properites. there should be a digital signature tab)

Another anti-malware tool i like is http://www.emsisoft.com/en/software/antimalware/ (this is a free or pay program depending on the mode you choose). I have also been seeing Alureon variants a lot lately, some that infect your bootloader and the other programs weren't detecting. This is the removal program I use to detect Aluereon http://support.kaspersky.com/viruses/so ... =208280684

rputnam6158
Newbie
Posts: 1
Joined: Mon Dec 25, 2017 3:41 pm

Re: Vistumbler malware ?

Post by rputnam6158 » Mon Dec 25, 2017 3:56 pm

Just a little feedback concerning your questions about digital signature and malware. . .
Webroot indicated that there was malware on my computer after I installed Vistumbler from https://www.vistumbler.net/

When I selected a menu item, I had a pop up asking me to update to a more current version. webroot indicated that it had removed the malware (2 items).
There is no digital signature tab in Vistumbler properties: General, Shortcut, Compatibility, Security, Details

Here is a portion of my Webroot Log:
[MD5: 3F06FA23DD82CFC4BBB03B970C54DBF4] [3/00080001] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:08:51.0460 File blocked in realtime: c:\users\robert\appdata\local\microsoft\windows\inetcache\ie\00groov7\update[1].exe [UniqueID: 6249ACDD, MD5: 3F06FA23DD82CFC4BBB03B970C54DBF4, Size: 490496 bytes] [524289/00000003] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:08:51.0462 Determination flags modified: c:\users\robert\appdata\local\microsoft\windows\inetcache\ie\00groov7\update[1].exe - UniqueID: 6249ACDD, MD5: 3F06FA23DD82CFC4BBB03B970C54DBF4, Size: 490496 bytes, Flags: 00000020
Mon 2017-12-25 12:08:51.0486 Performing cleanup entry: 1
Mon 2017-12-25 12:08:51.0738 End passive write scan (2 file(s))
Mon 2017-12-25 12:08:53.0159 Scan Started: [ID: 3 - Flags: 1575/128]
Mon 2017-12-25 12:09:55.0577 Begin passive write scan (1 file(s))
Mon 2017-12-25 12:09:56.0295 End passive write scan (1 file(s))
Mon 2017-12-25 12:10:00.0354 Infection detected: c:\program files (x86)\vistumbler\update.exe [SHA256: 414771824D2D9A44DD17643861239A0746E118DF08C6941C5FCE2C2E1814D88B] [MD5: 3B0F037B952CC8029CF4A1403CDFFD4F] [3/00080000] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:10:00.0659 Scan Results: Files Scanned: 19166, Duration: 1m 7s, Malicious Files: 1
Mon 2017-12-25 12:10:00.0707 Scan Finished: [ID: 3 - Seq: 212616599]
Mon 2017-12-25 12:16:46.0709 Infection detected: c:\program files (x86)\vistumbler\update.exe [SHA256: 414771824D2D9A44DD17643861239A0746E118DF08C6941C5FCE2C2E1814D88B] [MD5: 3B0F037B952CC8029CF4A1403CDFFD4F] [3/00080000] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:46.0709 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:46.0710 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:46.0746 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [(null)]
Mon 2017-12-25 12:16:47.0191 Infection detected: c:\program files (x86)\vistumbler\update.exe [SHA256: 414771824D2D9A44DD17643861239A0746E118DF08C6941C5FCE2C2E1814D88B] [MD5: 3B0F037B952CC8029CF4A1403CDFFD4F] [3/00080000] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:47.0191 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:47.0191 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [Trojan.Muldrop.Gen]
Mon 2017-12-25 12:16:47.0253 File blocked in realtime: c:\program files (x86)\vistumbler\update.exe [UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes] [524288/00000003] [(null)]
Mon 2017-12-25 12:18:24.0474 Determination flags modified: c:\program files (x86)\vistumbler\update.exe - UniqueID: 82714741, MD5: 3B0F037B952CC8029CF4A1403CDFFD4F, Size: 980480 bytes, Flags: 00000020
Mon 2017-12-25 12:19:36.0743 Performing cleanup entry: 3
Mon 2017-12-25 12:19:37.0549 Scan Started: [ID: 4 - Flags: 551/128]
Mon 2017-12-25 12:20:18.0725 Scan Results: Files Scanned: 20764, Duration: 41s, Malicious Files: 0
Mon 2017-12-25 12:20:18.0749 Scan Finished: [ID: 4 - Seq: 212617217]
Mon 2017-12-25 12:23:37.0630 Saved the product log to C:\Users\Robert\Documents\Computer & Electronic Maintenance\!Quarantine Files\Webroot Scan Logs\Webroot Scan Log.log

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests