I was looking for the so called system32 nexon spyer, and i found an exe named virus, im afraid to delete it because that might be programmed as a trigger D=
WTF DO I DO!!
Code:
a-squared 4.5.0.24 2009.09.11 -
AhnLab-V3 5.0.0.2 2009.09.11 -
AntiVir 7.9.1.14 2009.09.11 -
Antiy-AVL 2.0.3.7 2009.09.11 -
Authentium 5.1.2.4 2009.09.11 -
Avast 4.8.1351.0 2009.09.11 -
AVG 8.5.0.412 2009.09.11 -
BitDefender 7.2 2009.09.11 -
CAT-QuickHeal 10.00 2009.09.11 -
ClamAV 0.94.1 2009.09.11 -
Comodo 2285 2009.09.11 -
DrWeb 5.0.0.12182 2009.09.11 Trojan.PWS.Banker.origin
eSafe 7.0.17.0 2009.09.10 -
eTrust-Vet 31.6.6733 2009.09.11 -
F-Prot 4.5.1.85 2009.09.11 -
F-Secure 8.0.14470.0 2009.09.11 -
Fortinet 3.120.0.0 2009.09.11 -
GData 19 2009.09.11 -
Ikarus T3.1.1.72.0 2009.09.11 -
Jiangmin 11.0.800 2009.09.11 -
K7AntiVirus 7.10.842 2009.09.11 -
Kaspersky 7.0.0.125 2009.09.11 -
McAfee 5738 2009.09.11 -
McAfee+Artemis 5738 2009.09.11 -
McAfee-GW-Edition 6.8.5 2009.09.11 -
Microsoft 1.5005 2009.09.11 Trojan:Win32/Malex.gen!G
NOD32 4417 2009.09.11 -
Norman 6.01.09 2009.09.11 -
nProtect 2009.1.8.0 2009.09.11 -
Panda 10.0.2.2 2009.09.11 -
PCTools 4.4.2.0 2009.09.11 -
Prevx 3.0 2009.09.11 -
Rising 21.46.44.00 2009.09.11 -
Sophos 4.45.0 2009.09.11 -
Sunbelt 3.2.1858.2 2009.09.11 -
Symantec 1.4.4.12 2009.09.11 -
TheHacker 6.3.4.4.400 2009.09.10 -
TrendMicro 8.950.0.1094 2009.09.11 -
VBA32 3.12.10.10 2009.09.11 -
ViRobot 2009.9.11.1930 2009.09.11 -
VirusBuster 4.6.5.0 2009.09.11 -
Additional information
File size: 21010 bytes
MD5...: cf91dbbb22cf2eaa629eaf13f5b6c9f3
SHA1..: 2c330cbff8fc99cc23e298e9662fb72263b2cef9
SHA256: ca0148628c19a93b30fc1939b85669b55a7f167ecb604498d77e9451b8e8f19e
ssdeep: 192:B8H02t2NyPmj8gNgQZLx6yr/bmKdUM/WqLDq6vMpvSI4KCMFY3:0vPmjjZLh
/VUcjLXkpa5xr3
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1240
timedatestamp.....: 0x4a67e4bc (Thu Jul 23 04:19:08 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xc74 0xe00 4.99 4b6f579597665f179714c798940e918f
.data 0x2000 0x50 0x200 0.43 9b51ebc8816661ed22c82bf4d2401bd6
.rdata 0x3000 0x130 0x200 3.65 f9e465787e9f2fda6f3323c70c19602f
.bss 0x4000 0xb0 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x5000 0x48c 0x600 3.63 caf95300a93094fcdceddc6b67578bf9
( 3 imports )
> KERNEL32.dll: AddAtomA, CopyFileA, ExitProcess, FindAtomA, GetAtomNameA, GetModuleFileNameA, GetModuleHandleA, GetSystemDirectoryA, SetUnhandledExceptionFilter
> msvcrt.dll: __getmainargs, __p__environ, __p__fmode, __set_app_type, _cexit, _iob, _onexit, _setmode, abort, atexit, fflush, fprintf, free, malloc, signal, strcat
> USER32.dll: CreateWindowExA, DefWindowProcA, DispatchMessageA, GetMessageA, LoadCursorA, LoadIconA, MessageBoxA, PostQuitMessage, RegisterClassExA, ShowWindow, TranslateMessage
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: MinGW32 C/C++ Executable (91.6%)
Win32 Executable Generic (3.1%)
Win32 Dynamic Link Library (generic) (2.8%)
Win16/32 Executable Delphi generic (0.7%)
Generic Win/DOS Executable (0.7%)