-
Conime.exe
Hey Guys,
Need some assistance and info on the file.
This keeps getting hijacked by malware at a particular client. I am in two minds about it being legit or totally malicious. I think it has something to do with Microsoft support for Asian languages ...
Could anyone who has any thoughts pelase do share.
-
-
Thanks, so I come to the conclusion that it is legit in most circumstances. Anyway , this client shouldnt need to use asian language installs so they can remove it.
-
Here are a couple things to try in the future if you find a suspicious file. Basically Virustotal will scan the file with ~50 AV programs and you can compare the results.
http://www.virustotal.com/
CWSandbox runs the application on their servers and give you a report on what files are created and where. By creating the appropriate sandboxed Windows environment, anything from infected Office documents to malicious URLs or scripts in Flash ads can be analyzed.
Sample Report: http://mwanalysis.org/?site=1&page=samplereport
Info: http://www.sunbeltsoftware.com/Malwa...elt-CWSandbox/
Submit: http://www.sunbeltsecurity.com/Submi...553671CBFD2360
-
shotto bob, will give the CWS a looksee
EDIT: http://www.mwanalysis.org/?site=1&page=submit
If this works as it says then this is the bomb dude.
Shot.
-
Hi Cider,
I have it on my system...............it seems to have been installed when I was trying to help that guy get Urdu as an input language.
-
shot Nihil for the confirmation :-)
-
-
Hey, Cider,
I have checked 7, Vista, XP and 2000.........
If you have not done it deliberately, then it is certainly Mallware............
It is NOT a windows default installation ;)
Hope that helps?
:)
-
Yip it does.
Now the question is ... did the customer install the language pack.