
Eqsdoyjtfu.exe And Hbm.exe What Are These?



#1 drummerdude


Posted 21 December 2007 - 04:01 PM

I ran autoruns and came across these and can't figure out what they are. Anyone have a clue?

C:\windows\system32\eqsdoyjtfu.exe
C:\windows\system32\hbm.exe



#2 rookie147


Posted 21 December 2007 - 04:16 PM

It is likely that both of these files are malware, but you might like to upload them to a file-scanner such as Jotti Virus Scanner. The scanner will check the file with various AV companies.
Copy and paste the results box into a reply to this thread.

If you are pleased with the service I have offered, you may like to consider making a donation.


#3 drummerdude


Posted 21 December 2007 - 05:18 PM

File: eqsdoyjtfu.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 65b958bf6f5eddca3d9455354af08b6f
Packers detected: -
Bit9 reports: Not analyzed yet (more info)
Scanner results
Scan taken on 21 Dec 2007 22:03:15 (GMT)
A-Squared: Found nothing
AntiVir: Found TR/Pakes.bsz
ArcaVir: Found Heur.W32
Avast: Found nothing
AVG Antivirus: Found SHeur.AFWW
BitDefender: Found Trojan.Spambot.BZD
ClamAV: Found Trojan.Dropper-3365
CPsecure: Found Troj.W32.Pakes.bsz
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found Trojan.Win32.Pakes.bsz
Fortinet: Found W32/Pakes.BSZ!tr
Ikarus: Found Trojan.Win32.Pakes.bsz
Kaspersky Anti-Virus: Found Trojan.Win32.Pakes.bsz
NOD32: Found Win32/Agent.NHE
Norman Virus Control: Found nothing
Panda Antivirus: Found W32/MSNPhoto.K.worm
Rising Antivirus: Found Trojan.Win32.Pakes.bsz
Sophos Antivirus: Found Troj/Mailbot-CJ
VirusBuster: Found nothing
VBA32: Found Trojan.Win32.Pakes.bsz
Zoner Antivirus: Found nothing

File: hbm.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 65b958bf6f5eddca3d9455354af08b6f
Packers detected: -
Bit9 reports: Not analyzed yet (more info)
Scanner results
Scan taken on 21 Dec 2007 22:11:37 (GMT)
A-Squared: Found nothing
AntiVir: Found TR/Pakes.bsz
ArcaVir: Found Heur.W32
Avast: Found nothing
AVG Antivirus: Found SHeur.AFWW
BitDefender: Found Trojan.Spambot.BZD
ClamAV: Found Trojan.Dropper-3365
CPsecure: Found Troj.W32.Pakes.bsz
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found Trojan.Win32.Pakes.bsz
Fortinet: Found W32/Pakes.BSZ!tr
Ikarus: Found Trojan.Win32.Pakes.bsz
Kaspersky Anti-Virus: Found Trojan.Win32.Pakes.bsz
NOD32: Found Win32/Agent.NHE
Norman Virus Control: Found nothing
Panda Antivirus: Found W32/MSNPhoto.K.worm
Rising Antivirus: Found Trojan.Win32.Pakes.bsz
Sophos Antivirus: Found Troj/Mailbot-CJ
VirusBuster: Found nothing
VBA32: Found Trojan.Win32.Pakes.bsz
Zoner Antivirus: Found nothing

This is something that it does too when Eqsdoyjtfu.exe is running.
Posted Image



