asdf.exe

Hi,
my firewall has blocked an outgoing request to 66.159.17.156:80 from an application named “asdf.exe” (c:\asdf.exe) ???

After a short search on google, it could be a kind of trojan!
no alert from the virus scan!

what can i do? send an email with the exe file to avast team.??

Many thanks for your comment!
Papagayo!

It is likely to some kind of trojan if you can’t associate it with something you downloaded.

If believe this is an undetected virus, then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem, the fact that you believe it to be an undetected virus and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.
Or VirusTotal - Multi engine on-line virus scanner

Thanks DavidR!
here the result!!!

AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found Trojan.Downloader.Small.GJ
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found unknown virus (probable variant)
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Small.bhf
NOD32 Found Win32/TrojanDownloader.Small.NEU
Norman Virus Control Found Sandbox: W32/Downloader;
[ General information ]

  • File length: 1550 bytes.
    [ Changes to filesystem ]
  • Creates file C:\1.exe.
    [ Network services ]
  • Downloads file from h t t p : / / 6 6 . 1 5 9 . 1 7 . 1 5 6 / r m / w . e x e a s c : \ 1 . e x e .
    [ Security issues ]
  • Starting downloaded file - potential security problem.

UNA Found nothing
VBA32 Found Worm.Bagle-NetSky.2 (probable variant)

Hi papagayo,

Your firewall detection is for multiple versions of a downloadable trojan designed to download files from remote servers. It does not install itself or hook system start up, so as far as known does not stay in memory. The URL specified was not available, so the trojan downloader was unable to download any remote malware files. So possibly your firewall kept you out of harms way.

greets,

polonus

Submit the file to avast! as outlined above and delete the file.

You might want to check and see if there are any other things running on your system.

Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2
For an on-line analysis - HiJackThis Log file - On-line Analysis
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.
OR HiJackThis Log file - On-line Analysis 2

Thanks to all, i have send it to avast and delete it from my computer.

No problem how did you get on with HiJackThis?