Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:TR/Malex.E.382
Date discovered:28/06/2011
Type:Trojan
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
File size:61.440 Bytes
MD5 checksum:66A022CA9613A9B2F0FB22D693064E97
VDF version:7.11.10.141 - Tuesday, June 28, 2011
IVDF version:7.11.10.141 - Tuesday, June 28, 2011

 General Method of propagation:
   • No own spreading routine


Aliases:
     Microsoft: Trojan:Win32/Malex.gen!E
     GData: Win32:SmokeLoader-AR


Platforms / OS:
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


Side effects:
    Falsely reports malware infection or system problems and offers to fix them if the user buys the application.
   • Registry modification

 Registry The following registry key is added in order to run the process after reboot:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "}"="%APPDATA%\svchost.exe"="}"="%APPDATA%\svchost.exe"

 File details Runtime packer:
In order to aggravate detection and reduce size of the file it is packed with the following runtime packer:
   • UPX

Description inserted by Jan-Eric Herting on Wednesday, January 18, 2012
Description updated by Jan-Eric Herting on Wednesday, January 18, 2012

Back . . . .