New Virus! Help!

Comments

  • This is not a virus; it's a file containing some encrypted data. Whatever is accessing this file is probably the virus.

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]


    "gvthuar"="gvthuar.exe gvthuar"


    this is autorun key


    and this programm hooked some functions:


    NtQueryInformationFile


    NtQuerySystemInformation


    and other...

  • http://www.virustotal.com


    AntiVir 2007.11.05 TR/Dropper.Gen


    BitDefender 2007.11.06 -


    F-Secure 2007.11.06 Trojan.Win32.Inject.jn


    Ikarus 2007.11.06 Trojan.Win32.Inject.jn


    Kaspersky 2007.11.06 Trojan.Win32.Inject.jn


    Webwasher


    -Gateway 2007.11.05 Trojan.Dropper.Gen


    ???

  • Please upload gvthuar.exe. What you've uploaded is, as I've already said, just a data file.

  • You have a discerning archiver. Rar format? In the archive including the presence of the virus executable file, and added his entire working set of files.


    This is a separate file


    http://slil.ru/25070989

  • The link doesn't work. Please upload the file with your next post (preferably in a zip archive protected with the password "infected").


    Best regards.