Hi, can you please analize this EXE? I found it on C:\ProgrFiles. Is it a trojan? have I to delete it or this my cause issue with HP? thanks a lot. Best regards, here the perhaps infected file: https://www7.zippyshare.com/v/8NmpI6zP/file.html at the moment I moved it into Draft folder.

Re: Is my EXE infected?

I do not know if you have already done it, but when you have this kind of doubts you can use VirsuTotal or hybrid-analysis. Well here is the total virus scan: Virustotal Scan

Re: Is my EXE infected?

Great 0/67! thanks for the reply and the very useful link. Best,

Re: Is my EXE infected?

It is without any doubt that there are many ways to infect not only exe but also the other common file types readable by computers on this Earth.

Here are some ways by which one can infect an exe.

  1. Non-Destructive Non-Destructive usually involves adding or binding the code at the end of the file or in the beginning. You can then also create jump points in it. Let's say you have malicious code placed at the end of the file, and you want it to execute it before the original code executes. You simply place a jump instruction to it.
  2. Destructive The destructive approach follows overwriting a segment of the code with your malicious one. A part of the file no longer exists and is overwritten by the virus code. Destruction approach, however, is not a good approach. You cannot restore the file after removing the malicious code.

Precautions

  • One good way would be to have an antivirus program installed on your server
  • Another methods would be allowing the file to check its own integrity, which can be bypassed in most of the cases.
  • Other way would be hashing the file, every time a file is changed, downloaded or is executed, it must check with the hash you stored on the server.

The second method is also used in Windows 7 (Applocker), which checks the files for any broken hashes, and disrupts the download in hash-mismatch case. It not only protects the user from downloading any altered files, but also the broken files which may cause trouble to the system.

Re: Is my EXE infected?

Use an Antivirus to check if the infected file is a huge threat or not.

I would suggest you use a well-known Antivirus program.