Skip navigation.
Home

sapmi_vcstats.exe can some1 pls analyze the file...

|

I got infected with this malware sapmi_vcstats.exe .... its md5 hash f3ccd302d540b229a60c48ca43a9aca9

I uploaded it to this site, nothing has been reported as yet...

i have formatted my os drive and reinstalled windows since then but now i'm stuck wondering whether it infected the other drives as well...

I couldn't find any malicious processes running after i restarted my comp... sygate firewall had asked whether to allow this file to access the internet, which i blocked.

Please throw some light on the issue....

All help will be deeply appreciated.

have you submitted the

have you submitted the binary to cwsandbox.org or joebox.org?

---
"Vernichte ihn! Er ist nur ein USER!" (MCP)

no i have not... one more

no i have not... one more suspicious activity that i'm noticing is that on the previous installation i had the my documents folder on my f:... it referred to a folder "my docs"... after i formatted it the previously drive f: is now the d: and the previously d: is now the f:....

and now i constantly get a folder "my docs" which has an empty folder "my pictures" inside it. Even if i delete it, it reappears there.

I submitted to the above two

I submitted to the above two websites (thanks for that!!) .... awaiting the results... I'm thoroughly confused... i was the first person to report the file to avira (and was thereby added to their detection list. :(

The result of the cwsandbox

The result of the cwsandbox is here

http://cwsandbox.org/?page=details&id=356153&password=oforb

I'm just more confused about its work now... :(((

Help me pls...

avira

if avira knows that kind of malware they will reply soon,
and will send you their threat id / name

if (they) have no idea, it would take about two days receiving their reply
about uploaded unknown bin.
what means youve got a good one.
:)

---
"Vernichte ihn! Er ist nur ein USER!" (MCP)

it's called windows

may be you should have a look onto your system as system/ntauthority
and rip your registry ;)

---
"Vernichte ihn! Er ist nur ein USER!" (MCP)

They have sent the report

They have sent the report and now avira recognizes the file as a trojan TR/Sonat.308230..... It just sux... i don't know what the hell to do with my stupid puter... just feelin like throwing it outta the house....