Trojan-Downloader.Win32.Small.bke in desktop theme package?

Discussion in 'malware problems & news' started by dawn_m, Feb 25, 2006.

Thread Status:
Not open for further replies.
  1. dawn_m

    dawn_m Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    3
    Just downloaded an Anita Blake theme, I'm a fan, LOL, from this wonderful-looking site here:
    http://www.bluecatsgraphics.com/index.php?mc=thm&sc=tmisc
    My Kaspersky claims the .exe file contains a Trojan-Downloader.Win32.Small.bke (the files anitablake.exe, WISE0019.BIN)
    Since Kaspersky sometimes gives false positives, and I *so* want that theme installed, I wonder -- did any of you had a similar problem with a theme exe identified as a trojan downloader?

    Thank you :)

    Dawn
     
  2. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi dawn, and welcome to the forum. :)

    You might want to upload the exe file to http://virusscan.jotti.org/ and see what the different scanners say about the file.

    You could also submit it to Kaspersky for analysis.

    Regards,

    snap
     
  3. dawn_m

    dawn_m Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    3
    Thank you :)

    http://virusscan.jotti.org/ is a truly helpful link! Other scanners found malware / trojan

    Sent the file to Kaspersky, too.

    Dawn
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    If you haven't already, you should do a full system scan with your antivirus, along with a anti-spyware app just in case anything else downloaded along with the file. Some free screensavers do come bundled with spyware/adware, and other unwanted guests.

    Glad you played it safe, dawn, with scanning it first before executing the file. ;)

    Regards,

    snap
     
  5. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    The theme contains New.net adware/spyware (I just tested it), so no, it's most probably not a false positive. Don't use it.
     
  6. dawn_m

    dawn_m Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    3
    Thank you TNT.
    Snap I took your advice and did a full scan with Kaspersky. Clean (I always scan with Kaspersky before I click LOL). Will now run a scan with Spybot and AdAware as well.

    I love Anita Blake, but not that much! :)

    Dawn
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Along with the other comments concerning badware contained inside some of these themes....the actual download site....ezthemes.com....is contained in certain recommended Restricted Site and Hosts file databases for this very reason.
     
Loading...
Thread Status:
Not open for further replies.