Best Blackhat Forum

Full Version: [GET]Smart Hide IP 2.8.4.6
I would not download this to a computer I liked!!!!!

---------------------------------------------
TROJ_GEN.F47V0802 also known as exqWebSearch, Artemis!9AA537B86A28.

Malware Analysis of TROJ_GEN.F47V0802

Created files:

%Common Appdata%\eSafe\eDelayinfo.edb
%Common Appdata%\eSafe\eGdpSvc.exe
%Common Appdata%\eSafe\log\eGdpSvc.LOG
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\7MJ8T5NM\desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\NIIF3F5W\desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\OK5X7FBD\desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\YTRI2EHE\desktop.ini

Detected by UnHackMe:

EGDPSVC.EXE
Default location: %COMMON APPDATA%\ESAFE\EGDPSVC.EXE



Recommended: UnHackMe anti-rootkit and anti-malwa

someone rep me for finding this out.. lol
great and working! Rep+++++
and hey, I don't know about the malware, but I have Kaspersky installed (genuine software) and nothing was detected!
rep+ :) thanks
The O/P specifically said to run it under the following environments:

VMware
VirtualBox
Sandboxie

All the above three programs create a separate section on your HDD where you can run applications without getting your PC infected. VirtualBox is available for free.