Setp.exe and java.exe

Hi ALL

I have a strange problem with my system (Windows XP) taking a long time for
the network icon to appear after I boot the system. I also observed
that I have some alien files "setup.exe" in all my shared folders.

Next, there are always two instances (services) of "JAVA.exe" running,
taking huge memory resources; even if I stop them, they restart the
service themselves.

Please help me to get rid of this. My antivirus Trend Micro doesn't
detect anything so far.

Thank You
regards


Re: Setp.exe and java.exe


| Hi ALL
|
| I have a strange problem with my system (Windows XP) taking a long time for
| the network icon to appear after I boot the system. I also observed
| that I have some alien files "setup.exe" in all my shared folders.
|
| Next, there are always two instances (services) of "JAVA.exe" running,
| taking huge memory resources; even if I stop them, they restart the
| service themselves.
|
| Please help me to get rid of this. My antivirus Trend Micro doesn't
| detect anything so far.
|
| Thank You
| regards


Please submit samples of "setup.exe" and "JAVA.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submissions will then be tested against many different AV vendors' scanners.
That will give you an idea what it is and who recognizes it.  In addition,
unless told otherwise, Virus Total will provide the sample to all
participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the reports, please post back the exact results.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Setp.exe and java.exe

Hi

I have submitted the sample to VirusTotal and got the following result.
Please suggest how I should proceed.

Thank You,
Kanthi Kiran N

Complete scanning result of "share_Virus.7z", received in VirusTotal at
12.19.2006, 12:11:27 (CET).

Antivirus    Version    Update    Result
AntiVir    7.3.0.19    12.19.2006    no virus found
Authentium    4.93.8    12.15.2006    no virus found
Avast    4.7.892.0    12.16.2006    Win32:Horst-DV
AVG    386    12.18.2006    no virus found
BitDefender    7.2    12.19.2006    Trojan.Proxy.Horst.EG
CAT-QuickHeal    8.00    12.18.2006    no virus found
ClamAV    devel-20060426    12.19.2006    no virus found
DrWeb    4.33    12.19.2006    Trojan.DownLoader.15015
eSafe    7.0.14.0    12.19.2006    no virus found
eTrust-InoculateIT    23.73.89    12.19.2006    no virus found
eTrust-Vet    30.3.3259    12.18.2006    no virus found
Ewido    4.0    12.19.2006    no virus found
Fortinet    2.82.0.0    12.19.2006    no virus found
F-Prot    3.16f    12.15.2006    no virus found
F-Prot4    4.2.1.29    12.19.2006    no virus found
Ikarus    T3.1.0.27    12.19.2006    no virus found
Kaspersky    4.0.2.24    12.19.2006    Trojan-Proxy.Win32.Horst.or
McAfee    4921    12.18.2006    no virus found
Microsoft    1.1904    12.19.2006    no virus found
NOD32v2    1928    12.19.2006    no virus found
Norman    5.80.02    12.18.2006    no virus found
Panda    9.0.0.4    12.19.2006    no virus found
Prevx1    V2    12.19.2006    no virus found
Sophos    4.12.0    12.18.2006    no virus found
Sunbelt    2.2.907.0    12.18.2006    no virus found
TheHacker    6.0.3.134    12.18.2006    no virus found
UNA    1.83    12.18.2006    TrojanProxy.Win32.Horst.F80A
VBA32    3.11.1    12.18.2006    no virus found
VirusBuster    4.3.19:9    12.18.2006    no virus found

Aditional Information
File size: 35092 bytes
MD5: 10aa94f4c9e0609a02bc356013439573
SHA1: 6282cd4cdd45d793fe58a6fa61bdc89ec75ee9db
packers: UPX
packers: UPX


Re: Setp.exe and java.exe


| Hi
|
| I have submitted the sample to VirusTotal and got the following result.
| Please suggest how I should proceed.
|
| Thank You,
| Kanthi Kiran N
|

<snip>

| Avast 4.7.892.0 12.16.2006 Win32:Horst-DV
| BitDefender 7.2 12.19.2006 Trojan.Proxy.Horst.EG
| DrWeb 4.33 12.19.2006 Trojan.DownLoader.15015
| Kaspersky 4.0.2.24 12.19.2006 Trojan-Proxy.Win32.Horst.or
| UNA 1.83 12.18.2006 TrojanProxy.Win32.Horst.F80A

Did you compress the file(s) in a .7Z archive file, "share_Virus.7z"?
If yes, then the above results are invalid or inconclusive.  It is *best* to
submit the raw file rather than a compressed image to Virus Total, as many of
the scanners will not decompress the archive file submitted.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
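
A pre-submission check for the advice above, added here as an example and not part of the original posts: it identifies whether a sample is a raw executable or an archive wrapper by its leading bytes, and reports the size and hashes of the bytes a scanner would actually receive. The function names and the sample data are hypothetical and constructed; only zip members are unpacked (in memory), other archive types are flagged for manual extraction.

```python
import hashlib
import io
import sys
import zipfile

# Well-known leading signatures of common container formats.
ARCHIVE_MAGIC = {b"7z\xbc\xaf\x27\x1c": "7z", b"PK\x03\x04": "zip",
                 b"Rar!\x1a\x07": "rar", b"\x1f\x8b": "gzip"}

def classify(data):
    """Name the container format, 'pe' for an MZ executable, else 'unknown'."""
    for magic, kind in ARCHIVE_MAGIC.items():
        if data.startswith(magic):
            return kind
    return "pe" if data.startswith(b"MZ") else "unknown"

def describe(name, data):
    """Size and hashes of exactly the bytes a scanner would receive."""
    return {"name": name, "kind": classify(data), "size": len(data),
            "md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest()}

def raw_candidates(name, data):
    """Yield ('submit' | 'unpack-first', description) for each file found."""
    kind = classify(data)
    if kind == "zip":
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.is_dir():
                    yield from raw_candidates(f"{name}!{info.filename}", zf.read(info))
    elif kind in ARCHIVE_MAGIC.values():
        yield "unpack-first", describe(name, data)  # e.g. 7z: extract with its own tool
    else:
        yield "submit", describe(name, data)

def demo_inputs():
    """Constructed, harmless stand-ins: MZ stub, a zip of it, a bare 7z signature."""
    stub = b"MZ" + b"\x00" * 62
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("setup.exe", stub)
    return [("setup.exe", stub), ("share.zip", buf.getvalue()),
            ("share_Virus.7z", b"7z\xbc\xaf\x27\x1c" + b"\x00" * 26)]

if __name__ == "__main__":
    files = [(p, open(p, "rb").read()) for p in sys.argv[1:]] or demo_inputs()
    for name, data in files:
        for action, info in raw_candidates(name, data):
            print(action, info)
```

Run it with file paths as arguments, or with none to see the constructed samples; a password-protected zip raises an error from `zipfile` and has to be extracted by hand.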


