Avast WEBforum

Other => Viruses and worms => Topic started by: alaingorissen on June 19, 2003, 11:51:56 PM

Title: Win32 Trojan-gen(UPX!)
Post by: alaingorissen on June 19, 2003, 11:51:56 PM

It sits in my C:/command.exe...
Can I safely delete this file?
What will happen when I do this ?
Thanks

Title: Re:Win32 Trojan-gen(UPX!)
Post by: raman on June 20, 2003, 06:00:58 AM

Normally it is safe, but due to the generic Naming of these kind of Malware it is not easy to tell. But you can rename or archive this file if you want or give us a "real" name by using this Link:  http://www.kaspersky.com/remoteviruschk.html

Title: Re:Win32 Trojan-gen(UPX!)
Post by: igor on June 20, 2003, 09:39:51 AM

Well, I don't expect any common program to be called command.exe and stay in the root of C: drive - it looks very suspicious indeed.

Title: Re:Win32 Trojan-gen(UPX!)
Post by: raman on June 20, 2003, 10:05:28 AM

I did not say that it is a false positiv, i think it is Malware,too. Like any packed Programm(upx, aspack or any other packed file) in the root or in the Windows folders(Windows, System or System32) is suspect for me.
And if these Programms are called "command.exe" " svhost.exe" or "run32dll.exe" too, than "my heuristics" rings the malware-bell! %-)