Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Startup Entry


  • Please log in to reply
7 replies to this topic

#1 NicoDev

NicoDev

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France
  • Local time:11:49 AM

Posted 22 October 2010 - 05:21 AM

Hello

This entry correspond to a programm which is installed with cherche.us

O4 - HKLM\..\Run: [binternet] C:\Windows\System32\binternet.exe

Filename: binternet.exe
Registry Value Name: binternet
Command: C:\Windows\System32\binternet.exe
File Location: C:\Windows\System32\
Description: Added by cherche.us
Status: X


Nico

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:49 AM

Posted 22 October 2010 - 09:54 AM

This is a french infection I am assuming?

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:49 AM

Posted 22 October 2010 - 10:28 PM

Looks like part of your Ramnit infection.
binternet.exe shows as Malware


Virusscan shows binternet.exe as New Malware.d >>McAfee 2010-10-22
http://virscan.org/report/4cf9ecf3edc713f211c161ee375fc7bd.html

ThreatExpert's Statistics for New Malware.d [McAfee]:
http://www.threatexpert.com/threats/new-malware-d.
which lists iy as an alias for Mal/SillyFDC-A [Sophos] which is a Ramnit infection.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 NicoDev

NicoDev
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France
  • Local time:11:49 AM

Posted 23 October 2010 - 12:24 PM

Hello grinler

This is a french infection I am assuming?

I'm not sure its only french

++

#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:49 AM

Posted 23 October 2010 - 12:39 PM

Added to startups.

#6 NicoDev

NicoDev
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France
  • Local time:11:49 AM

Posted 23 October 2010 - 03:29 PM

Thanks :thumbsup:

If I have a new startup Entry, I post it here or I create a new topic ?

Nico

Edited by NicoDev, 23 October 2010 - 03:31 PM.


#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,640 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:49 AM

Posted 23 October 2010 - 04:21 PM

Yes you can post it as a new topic in th startups forum.

#8 NicoDev

NicoDev
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France
  • Local time:11:49 AM

Posted 24 October 2010 - 05:19 AM

Ok,

Thanks

Nico





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users