avast blind

[mantra]

hi folks!

i post a file , it's not a virus but avast detect like a trojan

[igor]

Please, don't do this. Attaching files that avast! announces as infected is really not a good idea!

I don't know what makes you think that the file is clean. The file, though named .exe.jpg, is an executable file in fact. When started, it checks for a presence of a known AdWare (TMKSoft XPlugin), tries to download a file from a strange IP address, write it to system directory and start it (including possible planning to be started on next restart).
It really doesn't look like an innocent piece of code.

[mantra]

ops
sorry
i will never post files.. sorry

i tested this with kaspersky ,nod32 drweb and norton
every avs told me is ok!

[mantra]

i'm really sorry
where can i find how remove reg entry!

i started it (this trojan)

[raman]

What is the name of that filem, where did you find it and what name does Avast give that "trojan"?

Or post a Hijackthis log: http://216.180.233.153/~merijn/files/HijackThis.exe
http://mjc1.com/mirror/hjt/

[igor]

avast! detects it as Win32:Esednldr-B [Trj].
In my opinion, if it doesn't find the adware installed (HKLM\Software\TMKSoft\XPlugin), it doesn't do anything.

[raman]

Who knows if it was installed on mantras pc or not?

@mantra:

if you want you can study this Link:
http://www.trendmicro.com/vinfo/virusencyclo/default2.asp?m=q&virus=TROJ_ESEPOR.A
 

[whocares]

Hi,
Mantra's sample was rather this Malware:
TROJ_ESEPOR.C

[mantra]

thanks mates