-
August 27th, 2010, 01:08 PM
#1
Conime.exe
Hey Guys,
Need some assistance and info on the file.
This keeps getting hijacked by malware at a particular client. I am in two minds about it being legit or totally malicious. I think it has something to do with Microsoft support for Asian languages ...
Could anyone who has any thoughts pelase do share.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 27th, 2010, 02:20 PM
#2
-
August 27th, 2010, 02:42 PM
#3
Thanks, so I come to the conclusion that it is legit in most circumstances. Anyway , this client shouldnt need to use asian language installs so they can remove it.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
August 31st, 2010, 07:29 PM
#4
Here are a couple things to try in the future if you find a suspicious file. Basically Virustotal will scan the file with ~50 AV programs and you can compare the results.
http://www.virustotal.com/
CWSandbox runs the application on their servers and give you a report on what files are created and where. By creating the appropriate sandboxed Windows environment, anything from infected Office documents to malicious URLs or scripts in Flash ads can be analyzed.
Sample Report: http://mwanalysis.org/?site=1&page=samplereport
Info: http://www.sunbeltsoftware.com/Malwa...elt-CWSandbox/
Submit: http://www.sunbeltsecurity.com/Submi...553671CBFD2360
-
September 1st, 2010, 02:59 PM
#5
shotto bob, will give the CWS a looksee
EDIT: http://www.mwanalysis.org/?site=1&page=submit
If this works as it says then this is the bomb dude.
Shot.
Last edited by Cider; September 1st, 2010 at 03:03 PM.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
September 3rd, 2010, 05:52 PM
#6
Hi Cider,
I have it on my system...............it seems to have been installed when I was trying to help that guy get Urdu as an input language.
-
September 6th, 2010, 01:29 PM
#7
shot Nihil for the confirmation :-)
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
September 6th, 2010, 01:30 PM
#8
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
September 6th, 2010, 05:13 PM
#9
Hey, Cider,
I have checked 7, Vista, XP and 2000.........
If you have not done it deliberately, then it is certainly Mallware............
It is NOT a windows default installation
Hope that helps?
-
September 7th, 2010, 09:31 AM
#10
Yip it does.
Now the question is ... did the customer install the language pack.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|