kdiiis.exe

Hello, what can you say about this file “kdiiis.exe”? this is clearly a Trojan, it is suspected that a substitute for the original explorer.exe file in the windows xpsp3, anti-virus does not react to it.

https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1329266711/

Sorry, bad English … I know this file is part of the net Framework, I understand?

it is not possible to say much just from a file name…a name is just a name ::slight_smile:

upload suspicious file(s) to www.virustotal.com and test with 40+ malware scanners
when you have the result, copy the url in the address bar and post it here for us to see

alternative
Jotti http://virusscan.jotti.org/en
VirSCAN http://virscan.org/
Metascan http://metascan-online.com/

OBS: when a file is scanned before…click the “scan again” button

so no detection

Kdiiis.exe
https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1329266269/

First seen by VirusTotal 2006-09-18 07:26:15 UTC ( 5 year, 5 months ago )

Sigcheck

publisher…: Microsoft Corporation
product…: Microsoft_ .NET Framework
internal name…: System.ServiceProcess.dll
copyright…: (c) Microsoft Corporation. All rights reserved.
original name…: System.ServiceProcess.dll
comments…: Flavor_Retail
file version…: 2.0.50727.1433 (REDBITS.050727-1400)
description…: .NET Framework

Hello,
what’s the file size?

Milos