trojan.win32.delf.nl

Discussion in 'other anti-trojan software' started by mllopes, Jul 27, 2006.

Thread Status:
Not open for further replies.
  1. mllopes

    mllopes Registered Member

    Joined:
    Feb 10, 2005
    Posts:
    92
    Location:
    Portugal
    Hi
    When i was scanning my pc with a-squared free it detected this in the folder
    C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    I have Boclean running and did not alert me of anything should i be worried?
    Thank you

    Mário
     
  2. mllopes

    mllopes Registered Member

    Joined:
    Feb 10, 2005
    Posts:
    92
    Location:
    Portugal
    I am now running ewido and so far nothing appear, so may be a FP from a-squared


    well it has finished and nothing found also still no alert from Boclean
    dont know what to thinko_O
     
  3. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Right click on the file, look at the properties of the file.

    Check the md5 hash, and google.

    It should be legimate .
     
  4. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
  5. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651

    and from there you can see if it is safe or not .. 26 av's with some of them a very respected response time regarding detection ...


    you'll see

    good luck
     
  6. mllopes

    mllopes Registered Member

    Joined:
    Feb 10, 2005
    Posts:
    92
    Location:
    Portugal
    Thank you
    I have uploaded the file, but how do i know then if it is something?
    Also i have posted in a-squared forum but till today i havent received any answer.

    Mário
     
  7. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
    Well, you patiently wait for the scan results to appear...

    You"ll eventually see something like this (see attachment)

    In this particular case you can see that two AVs positively identify it as malware (even though the majority don't).

    That's the advantage of having a file scanned by multiple engines.
     

    Attached Files:

    • VT.gif
      VT.gif
      File size:
      31.9 KB
      Views:
      409
Thread Status:
Not open for further replies.