Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown .exe's, No Symptoms


  • Please log in to reply
1 reply to this topic

#1 jerryc

jerryc

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 07 July 2007 - 01:28 PM

I looked at task mgr and saw first this file name; ET1C6D.exe. I googled it and got nothing, then removed the .exe and got a single hit of a chinese based page with url's in it, one of which was to a health food site in Hong Kong. I translated the page and saved it to floppy and ran a scan on it, no virus, one instance of malware which a second scan didn't find again.
I went back to task mgr and now have VL49EE.exe. Also no google hits. 'end task' on both ended them apparently with no negative impact on the computer.
I've scanned my computer several times with no negative results, with Trend Micro fully updated, and with adawareSE and a2.
Any guesses?

BC AdBot (Login to Remove)

 


#2 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:07:11 AM

Posted 07 July 2007 - 02:12 PM

I get really antsy when I see files that look like random names, just to be sure, make sure that you can locate the files on the hard drive, you will have to browse to where the actual files are in place of <filepath>suspect.file

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

<filepath>suspect.file which could be C:\Windows\ET1C6D.exe

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/flash/index_en.html


For multiple files:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the browse button and navigate to the files listed below in bold, then click Submit. You will only be able to have one file scanned at a time.

<filepath>suspect.files

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/flash/index_en.html

CODE
Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the browse button and navigate to the files listed below in bold, then click Submit. You will only be able to have one file scanned at a time.

<filepath>suspect.files

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/flash/index_en.html

Edited by oldf@rt, 07 July 2007 - 02:13 PM.

The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users