Author Topic: virus dans winrar arabic version  (Read 5276 times)

Offline altrad

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
virus dans winrar arabic version
« on: May 06, 2010, 08:30:34 PM »
Enter here Newsflash warning WinRar to use the Arabic language
A picture of the program


Arabic version of the company from infected Discovered Kaspersky


Sits on VirusTotal

5/41
http://www.virustotal.com/analisis/5ffd47f50775c2cef712f90fd97342f516315baf555c7790eaad487e7085429d-1273152057

site web Company winrar

www.rarlab.com

Offline logos

  • avast! Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9456
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #1 on: May 06, 2010, 08:47:14 PM »
hi,

don't post in yellow it's impossible to read ;D
w7 - ais7

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21699
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #2 on: May 06, 2010, 08:52:36 PM »
@Logos.......naaaa...you just bend way out to one side...... ;D

just for fun i downloaded the following version and scanned on VirusTotal  32bit Bulgarian / Norwegian / Chinese
all came up CLEAN....so this Arabic version looks to be infected


Anubis Analysis Report
http://anubis.iseclab.org/?action=result&task_id=145cae427390a8aa4fd18411293cc75c5&format=html
« Last Edit: May 06, 2010, 09:06:44 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline logos

  • avast! Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9456
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #3 on: May 06, 2010, 08:57:52 PM »
doesn't work here, I can't read  :'( ;D >>> could be a side effect of that malware ???
w7 - ais7

Offline 13thSlayer

  • Full Member
  • ***
  • Posts: 161
  • What are ya staring at? The post is to the right.
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #4 on: May 07, 2010, 03:11:52 AM »
I'll translate the first post to a normal language  :-\
I post a warning that popped up while using Arabic version of WinRar
A picture of the program itself:
<pic>
The virus originally was found by Kaspersky, picture of the warning:
<pic>
VirusTotal results:
<link>
WinRar's company site:
<link>
Browser: Mozilla Firefox
OS: PCLinuxOS 2010.12, Mandriva 2010.2 and Windows XP
For security, install WOT. Really.

Offline 13thSlayer

  • Full Member
  • ***
  • Posts: 161
  • What are ya staring at? The post is to the right.
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #5 on: May 07, 2010, 03:13:41 AM »
doesn't work here, I can't read  :'( ;D >>> could be a side effect of that malware ???
Just highlight whatever the dude wrote with your mouse or touchpad or whatever. Sheesh.
Browser: Mozilla Firefox
OS: PCLinuxOS 2010.12, Mandriva 2010.2 and Windows XP
For security, install WOT. Really.

Offline Altarir.

  • Full Member
  • ***
  • Posts: 181
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #6 on: May 07, 2010, 03:21:58 AM »
By the way, normally winrar doesn't have any file named "wrar393a.exe"

thus, its not related to winrar. although it might be some crack for winrar(infected with trojan  ;))
my systems: windows XP sp3; linux PClinuxOS
for the sake of your own security, you should install WOT and NoScript in your browser.

Offline polonus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 20140
  • Gender: Male
  • malware fighter
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #7 on: May 07, 2010, 02:30:29 PM »
Halio Altarir,

This is the virustotal result for that particular executable: http://www.virustotal.com/analisis/5ffd47f50775c2cef712f90fd97342f516315baf555c7790eaad487e7085429d-1273152057
Malware from a fake torrent download site for Winrar + Keygen:
htxp://wXw.torrentz.com/a9f4be7f3a8c812cf23889a8c56a0690a552447c

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline superhacker

  • avast! Evangelist
  • Advanced Poster
  • ***
  • Posts: 979
  • Gender: Male
  • superhacker != super mario
    • Shift Style
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #8 on: May 07, 2010, 02:50:13 PM »
I think who translate the program is the person who put the trojan"so i dont enter arabic websites",and i think also that 7-ZIP is better and anyway is an open source
"I'm not afraid to take a stand
Everybody come take my hand
We'll walk this road together, through the storm
Whatever weather, cold or warm
Just let you know that, you're not alone
Holla if you feel that you've been down the same road",Eminem.

Offline 13thSlayer

  • Full Member
  • ***
  • Posts: 161
  • What are ya staring at? The post is to the right.
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #9 on: May 07, 2010, 02:51:02 PM »
Halio Altarir,
Altarir is not Halio, whatever that is.
Browser: Mozilla Firefox
OS: PCLinuxOS 2010.12, Mandriva 2010.2 and Windows XP
For security, install WOT. Really.

Offline 13thSlayer

  • Full Member
  • ***
  • Posts: 161
  • What are ya staring at? The post is to the right.
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #10 on: May 07, 2010, 02:51:46 PM »
I think who translate the program is the person who put the trojan"so i dont enter arabic websites",and i think also that 7-ZIP is better and anyway is an open source
7-Zip is totally awesome, agreed, however PeaZip is also worth a shot  :)
Browser: Mozilla Firefox
OS: PCLinuxOS 2010.12, Mandriva 2010.2 and Windows XP
For security, install WOT. Really.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21699
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #11 on: May 07, 2010, 03:47:06 PM »
Confirmed by Norman the detection is good - Refroso.AB
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Marc57

  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1940
  • Gender: Male
  • KISS Rules The World!!!
    • KISS Army
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #12 on: May 07, 2010, 04:55:54 PM »
I sent this to Microsoft, They say this is not malware.
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21699
  • Gender: Male
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #13 on: May 07, 2010, 05:15:59 PM »
Well i sendt it to avast and MBAM yesterday (5 post before you Marc  ;)  ) so wonder what conclusion they will have   ???


just scanned with MBAM and not detected yet....soooo.....maybe tomorrow..
« Last Edit: May 07, 2010, 05:25:30 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Marc57

  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1940
  • Gender: Male
  • KISS Rules The World!!!
    • KISS Army
    • Personal Message (Offline)
Re: virus dans winrar arabic version
« Reply #14 on: May 07, 2010, 05:23:36 PM »
I sent it to MBAM also (Sorry I didn't see you had already sent it) So they should be able to do a double take.  ;D ;D
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now