Oys, this site is really great!!! (www.virustotal.com), if I understood correctly it runs a scan with more than 20 antivirus engines!!! Thanks a lot, this is the report:
Complete scanning result of "400x.exe", received in VirusTotal at 05.18.2007, 17:55:15 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.5.16.1 05.18.2007 no virus found
AntiVir 7.4.0.23 05.18.2007 no virus found
Authentium 4.93.8 05.16.2007 no virus found
Avast 4.7.997.0 05.18.2007 no virus found
AVG 7.5.0.467 05.18.2007 no virus found
BitDefender 7.2 05.18.2007 BehavesLike:Trojan.HangUp
CAT-QuickHeal 9.00 05.18.2007 no virus found
ClamAV devel-20070416 05.17.2007 no virus found
DrWeb 4.33 05.18.2007 no virus found
eSafe 7.0.15.0 05.17.2007 suspicious Trojan/Worm
eTrust-Vet 30.7.3641 05.17.2007 no virus found
Ewido 4.0 05.18.2007 no virus found
FileAdvisor 1 05.18.2007 no virus found
Fortinet 2.85.0.0 05.18.2007 suspicious
F-Prot 4.3.2.48 05.16.2007 no virus found
F-Secure 6.70.13030.0 05.18.2007 W32/Dialer
Ikarus T3.1.1.7 05.18.2007 no virus found
Kaspersky 4.0.2.24 05.18.2007 no virus found
McAfee 5033 05.17.2007 no virus found
Microsoft 1.2503 05.18.2007 no virus found
NOD32v2 2276 05.18.2007 no virus found
Norman 5.80.02 05.18.2007 W32/Dialer
Panda 9.0.0.4 05.17.2007 Dialer.KEZ
Prevx1 V2 05.18.2007 Covert.Sys.Exec
Sophos 4.17.0 05.18.2007 no virus found
Sunbelt 2.2.907.0 05.17.2007 no virus found
Symantec 10 05.18.2007 no virus found
TheHacker 6.1.6.118 05.18.2007 no virus found
VBA32 3.12.0 05.18.2007 no virus found
VirusBuster 4.3.7:9 05.18.2007 no virus found
Webwasher-Gateway 6.0.1 05.18.2007 Trojan.Dialer.Win32.Malware.gen (suspicious)
Aditional Information
File size: 6144 bytes
MD5: c00ad67e6733d9672a15b191a27a33ca
SHA1: 752797d496f088cad3bd46e2328fccd988d9ebd0
packers: UPX
norman sandbox: [ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Decompressing UPX.
* File length: 6144 bytes.
[ Changes to registry ]
* Creates value "crtfmon"="c:\sample.exe" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".
* Creates key "HKLMSoftwareMicrosoftAdversCalls".
* Sets value "TimeOne"="
* -f" in key "HKLMSoftwareMicrosoftAdversCalls".
* Sets value "TimeTwo"="_A_" in key "HKLMSoftwareMicrosoftAdversCalls".
[ Changes to system settings ]
* Enumerates RAS devices.
* Read RAS entry properties.
* Enumerates RAS connections.
* Set dialer properties to dial () secret.
[ Process/window information ]
* Will automatically restart after boot (I'll be back...).
----------------------------------------------------------------------
If I understood correctly, only some of the antivirus engines see it as a kind of trojan/dialer... so it's better to delete it, right?? Damn them!!!
Is HijackThis necessary? I don't have it installed...