Setp.exe and java.exe

[iPerfect]

Hi ALL

I have strange problem with my system(windows XP) taking long time for
the network icon to appear after i boot the system. I also observer
that I have some alien files "setup.exe" in all my shared folders.

Next there are always two instanses(services) of "JAVA.exe" running
taking huge memory resource,even if i stop them they restart the
service themselfs.

Please Help me to get rid of this. My antivirus Trend Micro doesnt
detect anything so far

Thank You
regards

 

[David H. Lipman]

From: "iPerfect" <[email protected]>

| Hi ALL
|
| I have strange problem with my system(windows XP) taking long time for
| the network icon to appear after i boot the system. I also observer
| that I have some alien files "setup.exe" in all my shared folders.
|
| Next there are always two instanses(services) of "JAVA.exe" running
| taking huge memory resource,even if i stop them they restart the
| service themselfs.
|
| Please Help me to get rid of this. My antivirus Trend Micro doesnt
| detect anything so far
|
| Thank You
| regards


Please submit a samples of "setup.exe" and "JAVA.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submissions will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:[email protected]?subject=SCAN

When you get the reports, please post back the exact results.

 

[iPerfect]

Hi

I have submitted the sample to VirusTotal and got the following result.
Please suggest me how I should preceed.

Thank You,
Kanthi Kiran N

Complete scanning result of "share_Virus.7z", received in VirusTotal at
12.19.2006, 12:11:27 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.19 12.19.2006 no virus found
Authentium 4.93.8 12.15.2006 no virus found
Avast 4.7.892.0 12.16.2006 Win32:Horst-DV
AVG 386 12.18.2006 no virus found
BitDefender 7.2 12.19.2006 Trojan.Proxy.Horst.EG
CAT-QuickHeal 8.00 12.18.2006 no virus found
ClamAV devel-20060426 12.19.2006 no virus found
DrWeb 4.33 12.19.2006 Trojan.DownLoader.15015
eSafe 7.0.14.0 12.19.2006 no virus found
eTrust-InoculateIT 23.73.89 12.19.2006 no virus found
eTrust-Vet 30.3.3259 12.18.2006 no virus found
Ewido 4.0 12.19.2006 no virus found
Fortinet 2.82.0.0 12.19.2006 no virus found
F-Prot 3.16f 12.15.2006 no virus found
F-Prot4 4.2.1.29 12.19.2006 no virus found
Ikarus T3.1.0.27 12.19.2006 no virus found
Kaspersky 4.0.2.24 12.19.2006 Trojan-Proxy.Win32.Horst.or
McAfee 4921 12.18.2006 no virus found
Microsoft 1.1904 12.19.2006 no virus found
NOD32v2 1928 12.19.2006 no virus found
Norman 5.80.02 12.18.2006 no virus found
Panda 9.0.0.4 12.19.2006 no virus found
Prevx1 V2 12.19.2006 no virus found
Sophos 4.12.0 12.18.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.134 12.18.2006 no virus found
UNA 1.83 12.18.2006 TrojanProxy.Win32.Horst.F80A
VBA32 3.11.1 12.18.2006 no virus found
VirusBuster 4.3.19:9 12.18.2006 no virus found

Aditional Information
File size: 35092 bytes
MD5: 10aa94f4c9e0609a02bc356013439573
SHA1: 6282cd4cdd45d793fe58a6fa61bdc89ec75ee9db
packers: UPX
packers: UPX

 

[David H. Lipman]

From: "iPerfect" <[email protected]>

| Hi
|
| I have submitted the sample to VirusTotal and got the following result.
| Please suggest me how I should preceed.
|
| Thank You,
| Kanthi Kiran N
|

< snip>

| Avast 4.7.892.0 12.16.2006 Win32:Horst-DV
| BitDefender 7.2 12.19.2006 Trojan.Proxy.Horst.EG
| DrWeb 4.33 12.19.2006 Trojan.DownLoader.15015
| Kaspersky 4.0.2.24 12.19.2006 Trojan-Proxy.Win32.Horst.or
| UNA 1.83 12.18.2006 TrojanProxy.Win32.Horst.F80A

Did you compress the file(s) in a .7Z archive file; "share_Virus.7z" ?
If yes, then the above results are invalid or inconclusive. It is *best* to submit the raw
file rather than a copressed image to Virus Total as many of the scanners will not
decompressed the archive file submitted.